GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,656
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,360 advisories
Filter by severity
An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.8,...
High
Unreviewed
CVE-2023-3413
was published
Sep 29, 2023
An issue has been discovered in GitLab EE affecting all versions starting from 14.3 before 16.0.8...
High
Unreviewed
CVE-2023-3993
was published
Aug 2, 2023
The vulnerability exists in CP-Plus NVR due to an improper input handling at the web-based...
High
Unreviewed
CVE-2023-3705
was published
Aug 24, 2023
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6...
High
Unreviewed
CVE-2023-39289
was published
Aug 26, 2023
Due to improper validation, SAP BusinessObject Business Intelligence Launch Pad allows an...
High
Unreviewed
CVE-2024-25646
was published
Apr 9, 2024
Under certain conditions SAP Commerce (OCC API) - versions HY_COM 2105, HY_COM 2205, COM_CLOUD...
High
Unreviewed
CVE-2023-37486
was published
Aug 8, 2023
SAP GUI for Windows and SAP GUI for Java - versions SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757,...
High
Unreviewed
CVE-2023-49580
was published
Dec 12, 2023
Exposure of sensitive information in Zoom Client SDK's before 5.15.5 may allow an authenticated...
High
Unreviewed
CVE-2023-39214
was published
Aug 9, 2023
The Directory Listing in /uploads/ Folder in CodeAstro Membership Management System 1.0 exposes...
High
Unreviewed
CVE-2024-46471
was published
Sep 27, 2024
An Issue in Buffalo America, Inc. TeraStation NAS TS5410R v.5.00 thru v.0.07 allows a remote...
High
Unreviewed
CVE-2023-39620
was published
Sep 8, 2023
This allows attackers to use a maliciously formed API request to gain access to an API...
High
Unreviewed
CVE-2024-1222
was published
Mar 14, 2024
An issue in TDSQL Chitu management platform v.10.3.19.5.0 allows a remote attacker to obtain...
High
Unreviewed
CVE-2023-42387
was published
Sep 18, 2023
MyPrestaModules Prestashop Module v6.2.9 and UpdateProducts Prestashop Module v3.6.9 were...
High
Unreviewed
CVE-2023-39677
was published
Sep 20, 2023
Data security classification vulnerability in the DDMP module. Successful exploitation of this...
High
Unreviewed
CVE-2023-41293
was published
Sep 25, 2023
OMFLOW from The SYSCOM Group has an information leakage vulnerability, allowing unauthorized...
High
Unreviewed
CVE-2024-8777
was published
Sep 16, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Utarit Information...
High
Unreviewed
CVE-2024-3305
was published
Sep 12, 2024
An information disclosure vulnerability exists in Brocade SANnav before v2.3.1 and v2.3.0a when...
High
Unreviewed
CVE-2024-29968
was published
Apr 19, 2024
Exposure of information intended to be encrypted by some Zoom clients may lead to disclosure of...
High
Unreviewed
CVE-2023-36539
was published
Jun 30, 2023
Vulnerability of package names' public keys not being verified in the security module.Successful...
High
Unreviewed
CVE-2023-44093
was published
Oct 11, 2023
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Yordam Information...
High
Unreviewed
CVE-2024-6406
was published
Sep 18, 2024
A privacy issue was addressed by removing sensitive data. This issue is fixed in Xcode 16. An...
High
Unreviewed
CVE-2024-40862
was published
Sep 17, 2024
An issue was discovered in Sitecore Experience Platform (XP), Experience Manager (XM), and...
High
Unreviewed
CVE-2024-46938
was published
Sep 16, 2024
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)...
High
Unreviewed
CVE-2023-22086
was published
Oct 18, 2023
An External XML Entity (XXE) vulnerability in the provisioning web service of Ivanti EPM before...
High
Unreviewed
CVE-2024-37397
was published
Sep 12, 2024
Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: Web...
High
Unreviewed
CVE-2023-22019
was published
Oct 18, 2023
ProTip!
Advisories are also available from the
GraphQL API