GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
34 advisories
Filter by severity
An issue has been discovered in GitLab EE affecting all versions starting from 17.3 before 17.3.7...
Moderate
Unreviewed
CVE-2024-10240
was published
Nov 26, 2024
A vulnerability exists in NSD570 that allows any authenticated
user to access all device logs...
Moderate
Unreviewed
CVE-2024-9929
was published
Nov 26, 2024
IBM PowerVM Platform KeyStore (IBM PowerVM Hypervisor FW950.00 through FW950.90, FW1030.00...
Moderate
Unreviewed
CVE-2024-41781
was published
Nov 22, 2024
Exposure of sensitive system information to an unauthorized control sphere issue exists in...
Moderate
Unreviewed
CVE-2024-52033
was published
Nov 20, 2024
A vulnerability in the cluster management interface of Cisco SD-WAN vManage Software could...
Moderate
Unreviewed
CVE-2021-1234
was published
Nov 18, 2024
An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE...
Moderate
Unreviewed
CVE-2024-36509
was published
Nov 12, 2024
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in...
Moderate
Unreviewed
CVE-2024-50425
was published
Oct 30, 2024
: Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in...
Moderate
Unreviewed
CVE-2024-49252
was published
Oct 16, 2024
A vulnerability in Cortex XSOAR allows the disclosure of incident data to users who do not have...
Moderate
Unreviewed
CVE-2024-9470
was published
Oct 9, 2024
An issue was discovered in GitLab-CE/EE affecting all versions starting with 17.0 before 17.1.7,...
Moderate
Unreviewed
CVE-2024-6389
was published
Sep 12, 2024
An information exposure vulnerability exists in Palo Alto Networks PAN-OS software that enables a...
Moderate
Unreviewed
CVE-2024-8687
was published
Sep 11, 2024
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 displays version information in HTTP...
Moderate
Unreviewed
CVE-2024-39740
was published
Jul 15, 2024
Full Path Disclosure vulnerability in AdmirorFrames Joomla! extension in afHelper.php script...
Moderate
Unreviewed
CVE-2024-5735
was published
Jul 3, 2024
Marco Trevisan discovered that the Ubuntu Advantage Desktop Daemon, before version 1.12, leaks...
Moderate
Unreviewed
CVE-2024-6388
was published
Jun 27, 2024
netplan leaks the private key of wireguard to local users. A security fix will be released soon.
Moderate
Unreviewed
CVE-2022-4968
was published
Jun 7, 2024
An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE...
Moderate
Unreviewed
CVE-2023-50180
was published
May 14, 2024
A valid authenticated Lenovo XClarity Administrator (LXCA) user can potentially leverage an...
Moderate
Unreviewed
CVE-2023-4605
was published
Apr 5, 2024
An information disclosure flaw was found in OpenShift Virtualization. The DownwardMetrics feature...
Moderate
Unreviewed
CVE-2024-31419
was published
Apr 3, 2024
IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2,19.0.1, 19.0.2, 19.0.3,20.0.1, 20.0...
Moderate
Unreviewed
CVE-2023-50959
was published
Mar 31, 2024
Under certain conditions, Internet Communication Manager (ICM) or SAP Web Dispatcher - versions...
Moderate
Unreviewed
CVE-2024-22124
was published
Jan 9, 2024
Under certain condition SAP NetWeaver Application Server ABAP - versions KERNEL 722, KERNEL 7.53,...
Moderate
Unreviewed
CVE-2023-41366
was published
Nov 14, 2023
Exposure of Sensitive System Information to an Unauthorized Control Sphere in create template...
Moderate
Unreviewed
CVE-2023-34209
was published
Oct 17, 2023
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE)...
Moderate
Unreviewed
CVE-2023-20111
was published
Aug 17, 2023
SAP Business One (Service Layer) - version 10.0, allows an authenticated attacker with deep...
Moderate
Unreviewed
CVE-2023-37487
was published
Aug 8, 2023
MongoDB Ops Manager Diagnostics Archive may not redact sensitive PEM key file password app...
Moderate
Unreviewed
CVE-2023-0342
was published
Jun 9, 2023
ProTip!
Advisories are also available from the
GraphQL API