GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,416

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

224 advisories

Filter by severity

Sort by

Least recently updated

HCL BigFix Compliance is vulnerable to the generation of error messages containing sensitive... Moderate Unreviewed

CVE-2024-30141 was published Nov 7, 2024

This vulnerability exists in the Wave 2.0 due to improper exception handling for invalid inputs... High Unreviewed

CVE-2024-51560 was published Nov 4, 2024

An issue was discovered in Ollama through 0.3.14. File existence disclosure can occur via api... High Unreviewed

CVE-2024-39719 was published Oct 31, 2024

Generation of Error Message Containing Sensitive Information vulnerability in Posti Posti... Moderate Unreviewed

CVE-2024-50512 was published Oct 30, 2024

HCL Sametime is impacted by the error messages containing sensitive information. An attacker can... Low Unreviewed

CVE-2023-50355 was published Oct 24, 2024

SolarWinds Kiwi CatTools is susceptible to a sensitive data disclosure vulnerability when a non... Moderate Unreviewed

CVE-2024-45713 was published Oct 17, 2024

A discrepancy in error messages for invalid login attempts in Webmin Usermin v2.100 allows... Moderate Unreviewed

CVE-2024-44762 was published Oct 16, 2024

The Community by PeepSo – Social Network, Membership, Registration, User Profiles plugin for... Moderate Unreviewed

CVE-2024-7426 was published Sep 25, 2024

The Custom Post Limits plugin for WordPress is vulnerable to full path disclosure in all versions... Moderate Unreviewed

CVE-2024-6544 was published Sep 13, 2024

An issue has been discovered discovered in GitLab EE/CE affecting all versions starting from 15... Moderate Unreviewed

CVE-2024-5435 was published Sep 12, 2024

A vulnerability was found in erjemin roll_cms up to 1484fe2c4e0805946a7bcf46218509fcb34883a9. It... Moderate Unreviewed

CVE-2024-8571 was published Sep 8, 2024

The Remember Me Controls plugin for WordPress is vulnerable to Full Path Disclosure in all... Moderate Unreviewed

CVE-2024-7415 was published Sep 6, 2024

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Full... Moderate Unreviewed

CVE-2024-6551 was published Aug 29, 2024

IBM QRadar Suite Software 1.10.12.0 through 1.10.22.0 and IBM Cloud Pak for Security 1.10.0.0... Moderate Unreviewed

CVE-2023-47728 was published Aug 16, 2024

IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive... Moderate Unreviewed

CVE-2024-39751 was published Aug 6, 2024

A verbose error handling issue in the proxy service implemented in the GravityZone Update Server... Critical Unreviewed

CVE-2024-6980 was published Jul 31, 2024

In versions of Akana API Platform prior to 2024.1.0 overly verbose errors can be found in SAML... Low Unreviewed

CVE-2024-5250 was published Jul 30, 2024

An implementation issue in the Connectivity Standards Alliance Matter 1.2 protocol as used in the... Low Unreviewed

CVE-2024-3454 was published Jul 24, 2024

IBM Sterling Partner Engagement Manager 6.2.2 could allow a local attacker to obtain sensitive... Moderate Unreviewed

CVE-2022-35640 was published Jul 17, 2024

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to... Moderate Unreviewed

CVE-2024-39737 was published Jul 15, 2024

IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive... Moderate Unreviewed

CVE-2024-35119 was published Jun 30, 2024

IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive... Moderate Unreviewed

CVE-2023-50953 was published Jun 30, 2024

IBM MQ 9.3 LTS and 9.3 CD could allow a remote attacker to obtain sensitive information when a... Moderate Unreviewed

CVE-2024-35156 was published Jun 29, 2024

IBM MQ Console 9.3 LTS and 9.3 CD could disclose could allow a remote attacker to obtain... Moderate Unreviewed

CVE-2024-35155 was published Jun 28, 2024

An issue was discovered in Italtel Embrace 1.6.4. The server does not properly handle application... Moderate Unreviewed

CVE-2024-31844 was published May 21, 2024

Previous 1 2 3 4 5 … 8 9 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

224 advisories