Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,087
Maven
5,000+
npm
3,751
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

9,027 advisories

Loading
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction &... Moderate Unreviewed
CVE-2025-0318 was published Jan 18, 2025
Microsoft Internet Explorer 6 and 7 does not properly determine the domain or security zone of... Moderate Unreviewed
CVE-2008-3474 was published May 2, 2022
Eugeny Tabby Sends Password Despite Host Key Verification Failure High
CVE-2024-48460 was published for tabby-ssh (npm) Jan 17, 2025
Exposure of Sensitive Information to an Unauthorized Actor in Concord High
CVE-2020-10591 was published for com.walmartlabs.concord:concord-common (Maven) Feb 10, 2022
binary-1024
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that... High Unreviewed
CVE-2024-12142 was published Jan 17, 2025
The Moving Users plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2024-12637 was published Jan 17, 2025
Withdrawn Advisory: undertow: information leakage via HTTP/2 request header reuse High
CVE-2024-4109 was published for io.undertow:undertow-core (Maven) Dec 12, 2024 withdrawn
Information exposure in the PMB platform affecting versions 4.2.13 and earlier. This... High Unreviewed
CVE-2025-0472 was published Jan 16, 2025
The ElementsKit Elementor addons plugin for WordPress is vulnerable to Information Exposure in... Moderate Unreviewed
CVE-2024-6455 was published Jul 18, 2024
Field-level security issue with .keyword fields in OpenSearch Moderate
CVE-2023-23613 was published for org.opensearch.plugin:opensearch-security (Maven) Jan 24, 2023
binary-1024
A vulnerability classified as problematic has been found in D-Link DIR-878 1.03. Affected is an... Moderate Unreviewed
CVE-2025-0481 was published Jan 15, 2025
Huawei FusionCompute with software before V100R005C10SPC700 allows remote authenticated users to... Moderate Unreviewed
CVE-2015-8336 was published May 17, 2022
A vulnerability was found in GraphQL due to improper access controls on the GraphQL introspection... Moderate Unreviewed
CVE-2024-50312 was published Oct 22, 2024
Git Credential Manager carriage-return character in remote URL allows malicious repository to leak credentials High
CVE-2024-50338 was published for git-credential-manager (NuGet) Jan 14, 2025
Exposure of sensitive information to an unauthorized actor vulnerability in Web Server in... High Unreviewed
CVE-2022-22680 was published Feb 8, 2022
The OpenVPN module in Synology DiskStation Manager (DSM) 4.3-3810 update 1 has a hardcoded root... High Unreviewed
CVE-2014-2264 was published May 17, 2022
An information exposure vulnerability in forget_passwd.cgi in Synology DiskStation Manager (DSM)... Moderate Unreviewed
CVE-2017-9554 was published May 14, 2022
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation... Unknown Unreviewed
CVE-2025-23073 was published Jan 14, 2025
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation... Unknown Unreviewed
CVE-2025-23074 was published Jan 14, 2025
Exposure of sensitive information to an unauthorized actor vulnerability in webapi component in... High Unreviewed
CVE-2021-29086 was published May 24, 2022
Insertion of sensitive information into sent data vulnerability in synorelayd in Synology... High Unreviewed
CVE-2021-26566 was published May 24, 2022
Windows Themes Spoofing Vulnerability Moderate Unreviewed
CVE-2025-21308 was published Jan 14, 2025
Windows Kerberos Information Disclosure Vulnerability Moderate Unreviewed
CVE-2025-21242 was published Jan 14, 2025
Windows BitLocker Information Disclosure Vulnerability Moderate Unreviewed
CVE-2025-21214 was published Jan 14, 2025
The W3 Total Cache plugin for WordPress is vulnerable to Information Exposure in all versions up... Moderate Unreviewed
CVE-2024-12008 was published Jan 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database