Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,343
Erlang
31
GitHub Actions
22
Go
2,107
Maven
5,000+
npm
3,764
NuGet
679
pip
3,452
Pub
12
RubyGems
892
Rust
886
Swift
37
Unreviewed advisories
All unreviewed
5,000+

262 advisories

Loading
Apache StreamPark: Information leakage vulnerability Moderate
CVE-2024-29120 was published for org.apache.streampark:streampark (Maven) Jul 17, 2024
The vulnerability allows a malicious low-privileged PAM user to access information about other... Moderate Unreviewed
CVE-2024-38496 was published Jul 15, 2024
In ensureFileColumns of MediaProvider.java, there is a possible disclosure of files owned by... Moderate Unreviewed
CVE-2024-34721 was published Jul 9, 2024
Secret file credentials stored unencrypted in rare cases by Plain Credentials Plugin Moderate
CVE-2024-39459 was published for org.jenkins-ci.plugins:plain-credentials (Maven) Jun 26, 2024
A vulnerability in the web interface in Brocade Fabric OS before v9.2.1, v9.2.0b, and v9.1.1d... Moderate Unreviewed
CVE-2024-29953 was published Jun 26, 2024
An issue in Daemon PTY Limited FarCry Core framework before 7.2.14 allows attackers to access... Moderate Unreviewed
CVE-2024-35526 was published Jun 25, 2024
udn News Android APP stores the unencrypted user session in the local database when user log into... Low Unreviewed
CVE-2024-6295 was published Jun 25, 2024
An issue in BAS-IP AV-01D, AV-01MD, AV-01MFD, AV-01ED, AV-01KD, AV-01BD, AV-01KBD, AV-02D, AV... Moderate Unreviewed
CVE-2024-37654 was published Jun 22, 2024
rke's credentials are stored in the RKE1 Cluster state ConfigMap Critical
CVE-2023-32191 was published for github.com/rancher/rke (Go) Jun 17, 2024
When browsing private tabs, some data related to location history or webpage thumbnails could be... Moderate Unreviewed
CVE-2024-38312 was published Jun 13, 2024
Elasticsearch Remote Cluster Search Cross Cluster API Key insufficient restrictions Moderate
CVE-2024-23445 was published for org.elasticsearch:elasticsearch (Maven) Jun 12, 2024
Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.5.0 to 6.0.0,... Moderate Unreviewed
CVE-2024-31404 was published Jun 11, 2024
Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.0.0 to 5.15.0.... Moderate Unreviewed
CVE-2024-31400 was published Jun 11, 2024
The Custom Field Template plugin for WordPress is vulnerable to Sensitive Information Exposure in... Moderate Unreviewed
CVE-2023-6748 was published Jun 11, 2024
Keycloak exposes sensitive information in Pushed Authorization Requests (PAR) High
CVE-2024-4540 was published for org.keycloak:keycloak-services (Maven) Jun 10, 2024
mschallar
Netgear WNR614 JNR1010V2 N300-V1.1.0.54_1.0.1 does not properly set the HTTPOnly flag for cookies... Moderate Unreviewed
CVE-2024-36788 was published Jun 7, 2024
scikit-learn sensitive data leakage vulnerability Moderate
CVE-2024-5206 was published for scikit-learn (pip) Jun 6, 2024
Insecure Storage of Sensitive Information vulnerability in WPMU DEV Defender Security allows :... Moderate Unreviewed
CVE-2022-44581 was published May 17, 2024
SAP Business Objects Business Intelligence Platform is vulnerable to Insecure Storage as dynamic... Moderate Unreviewed
CVE-2024-33004 was published May 14, 2024
A logic issue was addressed with improved checks. This issue is fixed in iOS 16.7.8 and iPadOS 16... Moderate Unreviewed
CVE-2024-27789 was published May 14, 2024
This issue was addressed with improved redaction of sensitive information. This issue is fixed in... Moderate Unreviewed
CVE-2024-23229 was published May 14, 2024
Exposure of Sensitive Information vulnerability exists in the GSLB container, which may allow an... Moderate Unreviewed
CVE-2024-28132 was published May 8, 2024
An issue in LOGINT LoMag Inventory Management v1.0.20.120 and before allows a local attacker to... Moderate Unreviewed
CVE-2024-32211 was published May 1, 2024
An issue in CmsEasy v.7.7 and before allows a remote attacker to obtain sensitive information via... Low Unreviewed
CVE-2024-32236 was published Apr 25, 2024
The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce... Moderate Unreviewed
CVE-2024-3733 was published Apr 25, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database