Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,087
Maven
5,000+
npm
3,751
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

8,031 advisories

Loading
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction &... Moderate Unreviewed
CVE-2025-0318 was published Jan 18, 2025
Microsoft Internet Explorer 6 and 7 does not properly determine the domain or security zone of... Moderate Unreviewed
CVE-2008-3474 was published May 2, 2022
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that... High Unreviewed
CVE-2024-12142 was published Jan 17, 2025
The Moving Users plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2024-12637 was published Jan 17, 2025
Information exposure in the PMB platform affecting versions 4.2.13 and earlier. This... High Unreviewed
CVE-2025-0472 was published Jan 16, 2025
The ElementsKit Elementor addons plugin for WordPress is vulnerable to Information Exposure in... Moderate Unreviewed
CVE-2024-6455 was published Jul 18, 2024
A vulnerability classified as problematic has been found in D-Link DIR-878 1.03. Affected is an... Moderate Unreviewed
CVE-2025-0481 was published Jan 15, 2025
Huawei FusionCompute with software before V100R005C10SPC700 allows remote authenticated users to... Moderate Unreviewed
CVE-2015-8336 was published May 17, 2022
A vulnerability was found in GraphQL due to improper access controls on the GraphQL introspection... Moderate Unreviewed
CVE-2024-50312 was published Oct 22, 2024
Exposure of sensitive information to an unauthorized actor vulnerability in Web Server in... High Unreviewed
CVE-2022-22680 was published Feb 8, 2022
The OpenVPN module in Synology DiskStation Manager (DSM) 4.3-3810 update 1 has a hardcoded root... High Unreviewed
CVE-2014-2264 was published May 17, 2022
An information exposure vulnerability in forget_passwd.cgi in Synology DiskStation Manager (DSM)... Moderate Unreviewed
CVE-2017-9554 was published May 14, 2022
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation... Unknown Unreviewed
CVE-2025-23073 was published Jan 14, 2025
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation... Unknown Unreviewed
CVE-2025-23074 was published Jan 14, 2025
Exposure of sensitive information to an unauthorized actor vulnerability in webapi component in... High Unreviewed
CVE-2021-29086 was published May 24, 2022
Insertion of sensitive information into sent data vulnerability in synorelayd in Synology... High Unreviewed
CVE-2021-26566 was published May 24, 2022
Windows Themes Spoofing Vulnerability Moderate Unreviewed
CVE-2025-21308 was published Jan 14, 2025
Windows Kerberos Information Disclosure Vulnerability Moderate Unreviewed
CVE-2025-21242 was published Jan 14, 2025
Windows BitLocker Information Disclosure Vulnerability Moderate Unreviewed
CVE-2025-21214 was published Jan 14, 2025
The W3 Total Cache plugin for WordPress is vulnerable to Information Exposure in all versions up... Moderate Unreviewed
CVE-2024-12008 was published Jan 14, 2025
CloudStack users can add and read comments (annotations) on resources they are authorised to... Moderate Unreviewed
CVE-2025-22828 was published Jan 13, 2025
HCL MyXalytics is affected by sensitive information disclosure vulnerability. The HTTP response... Low Unreviewed
CVE-2024-42179 was published Jan 13, 2025
A vulnerability, which was classified as problematic, has been found in 1902756969 reggie 1.0.... Moderate Unreviewed
CVE-2025-0403 was published Jan 13, 2025
Information disclosure due to uninitialized variable. High Unreviewed
CVE-2017-18306 was published Nov 26, 2024
The Jeg Elementor Kit plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2024-8899 was published Nov 26, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database