GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
79 advisories
Forwarding of confidentials headers to third parties in fluture-node
Low
CVE-2022-24719
was published
for
fluture-node
(npm)
Mar 1, 2022
An exposure of sensitive information to an unauthorized actor [CWE-200] in Fortinet FortiManager...
Moderate
Unreviewed
CVE-2023-44255
was published
Nov 12, 2024
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2024-49025
was published
Nov 14, 2024
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x contains a feature that could...
High
Unreviewed
CVE-2024-42494
was published
Dec 6, 2024
IBM Jazz Foundation 7.0.2, 7.0.3, and 7.1.0 could allow a physical user to obtain...
Moderate
Unreviewed
CVE-2024-41780
was published
Jan 3, 2025
The Event Monster – Event Management, Tickets Booking, Upcoming Event plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-11396
was published
Jan 14, 2025
The Elementor Addon Elements plugin for WordPress is vulnerable to Sensitive Information Exposure...
Moderate
Unreviewed
CVE-2024-13215
was published
Jan 15, 2025
Updatecli exposes Maven credentials in console output
High
CVE-2025-24355
was published
for
github.com/updatecli/updatecli
(Go)
Jan 24, 2025
IBM Concert Software 1.0.0, 1.0.1, 1.0.2, and 1.0.2.1 could allow an authenticated user to obtain...
Moderate
Unreviewed
CVE-2024-37070
was published
Nov 19, 2024
The HT Event – WordPress Event Manager Plugin for Elementor plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-13216
was published
Jan 31, 2025
In its default configuration, the affected product transmits plain-text patient data to a hard...
High
Unreviewed
CVE-2025-0683
was published
Jan 30, 2025
The Directorist: AI-Powered WordPress Business Directory Plugin with Classified Ads Listings...
Moderate
Unreviewed
CVE-2024-12041
was published
Feb 1, 2025
The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for...
Moderate
Unreviewed
CVE-2024-11712
was published
Dec 14, 2024
Exposure of sensitive information in follow-redirects
High
CVE-2022-0155
was published
for
follow-redirects
(npm)
Jan 12, 2022
The Qardio Arm iOS application exposes sensitive data such as usernames and passwords in a plist...
Moderate
Unreviewed
CVE-2025-20615
was published
Feb 14, 2025
The Jeg Elementor Kit plugin for WordPress is vulnerable to Sensitive Information Exposure in all...
Moderate
Unreviewed
CVE-2024-13217
was published
Feb 27, 2025
An attacker could expose cross-user personal identifiable information (PII) and personal health...
High
Unreviewed
CVE-2025-20060
was published
Feb 28, 2025
Authorization Bypass Through User-Controlled Key, Exposure of Private Personal Information to an...
High
Unreviewed
CVE-2024-11216
was published
Mar 5, 2025
Android apps can load web pages using the Custom Tabs feature. This feature supports a transition...
Low
Unreviewed
CVE-2025-1939
was published
Mar 4, 2025
The Qubely – Advanced Gutenberg Blocks plugin for WordPress is vulnerable to Sensitive...
Moderate
Unreviewed
CVE-2024-13228
was published
Mar 11, 2025
A privacy issue was addressed with improved private data redaction for log entries. This issue is...
Moderate
Unreviewed
CVE-2024-27881
was published
Jul 30, 2024
A privacy issue was addressed with improved private data redaction for log entries. This issue is...
Moderate
Unreviewed
CVE-2024-40796
was published
Jul 30, 2024
Vulnerabilities in the command line interface of AOS-CX could allow an authenticated remote...
Moderate
Unreviewed
CVE-2025-27080
was published
Mar 18, 2025
A vulnerability in the AOS-CX REST interface could allow an authenticated remote attacker with...
Moderate
Unreviewed
CVE-2025-25042
was published
Mar 18, 2025
An information disclosure vulnerability exists in the latest version of transformeroptimus...
High
Unreviewed
CVE-2024-10267
was published
Mar 20, 2025
ProTip! Advisories are also available from the GraphQL API