GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
231 advisories
Filter by severity
A privacy issue was addressed with improved private data redaction for log entries. This issue is...
Moderate
Unreviewed
CVE-2024-44298
was published
Dec 20, 2024
A privacy issue was addressed with improved private data redaction for log entries. This issue is...
Moderate
Unreviewed
CVE-2024-44292
was published
Dec 20, 2024
Keyfactor Remote File Orchestrator (aka remote-file-orchestrator) 2.8 before 2.8.1 allows...
Moderate
Unreviewed
CVE-2024-49201
was published
Dec 18, 2024
Wapro ERP Desktop is vulnerable to MS SQL protocol downgrade request from a server side, what...
Critical
Unreviewed
CVE-2024-4995
was published
Dec 18, 2024
A privacy issue was addressed with improved private data redaction for log entries. This issue is...
Moderate
Unreviewed
CVE-2024-54504
was published
Dec 12, 2024
This issue was addressed with improved redaction of sensitive information. This issue is fixed in...
Low
Unreviewed
CVE-2024-44200
was published
Dec 12, 2024
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2, macOS...
Moderate
Unreviewed
CVE-2024-54477
was published
Dec 12, 2024
The issue was addressed by adding additional logic. This issue is fixed in iPadOS 17.7.3, iOS 18...
Low
Unreviewed
CVE-2024-54485
was published
Dec 12, 2024
Dell PowerFlex appliance versions prior to IC 46.381.00 and IC 46.376.00, Dell PowerFlex rack...
High
Unreviewed
CVE-2024-37144
was published
Dec 10, 2024
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could enable an attacker to...
High
Unreviewed
CVE-2024-47043
was published
Dec 6, 2024
InfluxDB through 2.7.10 allows allAccess administrators to retrieve all raw tokens via an "influx...
Critical
Unreviewed
CVE-2024-30896
was published
Nov 27, 2024
A security bypass vulnerability exists in the Removable Media Encryption (RME)component of...
Moderate
Unreviewed
CVE-2024-3334
was published
Nov 15, 2024
A vulnerability in the web-based management interface of Cisco Smart Software Manager On...
Moderate
Unreviewed
CVE-2022-20939
was published
Nov 15, 2024
In lunary-ai/lunary versions up to and including 1.2.5, an information disclosure vulnerability...
Critical
Unreviewed
CVE-2024-3501
was published
Nov 14, 2024
In lunary-ai/lunary versions up to and including 1.2.5, an information disclosure vulnerability...
Critical
Unreviewed
CVE-2024-3502
was published
Nov 14, 2024
An
authentication bypass vulnerability exists in the affected product. The
vulnerability exists...
Critical
Unreviewed
CVE-2024-10943
was published
Nov 12, 2024
Moodle admin presets export tool includes some secrets that should not be exported
Low
CVE-2024-43427
was published
for
moodle/moodle
(Composer)
Nov 11, 2024
Insufficient validation performed on the REST API License file in Paxton Net2 before 6.07.14023...
High
Unreviewed
CVE-2024-48939
was published
Nov 11, 2024
Certain Cypress (and Broadcom) Wireless Combo chips, when a January 2021 firmware update is not...
Low
Unreviewed
CVE-2020-10368
was published
Nov 11, 2024
An issue was discovered on One2Track 2019-12-08 devices. Confidential information is needlessly...
Moderate
Unreviewed
CVE-2019-20469
was published
Nov 7, 2024
Exposure of sensitive information in System UI prior to SMR Nov-2024 Release 1 allow local...
Moderate
Unreviewed
CVE-2024-34677
was published
Nov 6, 2024
The Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin plugin for...
High
Unreviewed
CVE-2024-10028
was published
Nov 6, 2024
Yealink Meeting Server before V26.0.0.67 allows attackers to obtain static key information from a...
High
Unreviewed
CVE-2024-48353
was published
Nov 1, 2024
Altai Technologies Ltd Altai IX500 Indoor 22 802.11ac Wave 2 AP After login, there are file reads...
Moderate
Unreviewed
CVE-2024-51399
was published
Nov 1, 2024
Yealink Meeting Server before V26.0.0.67 is vulnerable to sensitive data exposure in the server...
High
Unreviewed
CVE-2024-48352
was published
Nov 1, 2024
ProTip!
Advisories are also available from the
GraphQL API