GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
41 advisories
Filter by severity
Improper Restriction of Excessive Authentication Attempts vulnerability in Digital Operation...
Moderate
Unreviewed
CVE-2024-8429
was published
Dec 17, 2024
Insertion of Sensitive Information Into Sent Data vulnerability in wpdebuglog PostBox allows...
Moderate
Unreviewed
CVE-2024-54309
was published
Dec 13, 2024
Insertion of Sensitive Information Into Sent Data vulnerability in brandtoss WP Mailster allows...
High
Unreviewed
CVE-2024-53804
was published
Dec 6, 2024
A path disclosure vulnerability was found in Samba. As part of the Spotlight protocol, Samba...
Moderate
Unreviewed
CVE-2023-34968
was published
Jul 20, 2023
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco...
Moderate
Unreviewed
CVE-2021-1425
was published
Nov 18, 2024
Insertion of Sensitive Information Into Sent Data vulnerability in VideoWhisper.Com Contact Forms...
High
Unreviewed
CVE-2024-49235
was published
Oct 17, 2024
Information leakage in mknotifyd in Checkmk before 2.3.0p18, 2.2.0p36, 2.1.0p49 and in 2.0.0p39 ...
Moderate
Unreviewed
CVE-2024-6747
was published
Oct 10, 2024
The "tokenKey" value used in user authorization is visible in the HTML source of the login page.
High
Unreviewed
CVE-2023-49261
was published
Jan 12, 2024
The goTenna Pro broadcast key name is always sent unencrypted and could reveal the location of...
Moderate
Unreviewed
CVE-2024-47128
was published
Sep 26, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.0 before 16...
Low
Unreviewed
CVE-2023-5831
was published
Nov 6, 2023
An issue has been discovered in GitLab EE affecting all versions starting from 11.6 before 16.3.6...
Moderate
Unreviewed
CVE-2023-3399
was published
Nov 6, 2023
A sensitive information leak issue has been discovered in GitLab EE affecting all versions...
Moderate
Unreviewed
CVE-2023-3102
was published
Jul 21, 2023
An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.8,...
High
Unreviewed
CVE-2023-3413
was published
Sep 29, 2023
An issue has been discovered in GitLab affecting all versions starting from 11.3 before 16.4.3,...
Moderate
Unreviewed
CVE-2023-3949
was published
Dec 1, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.1 prior to...
Low
Unreviewed
CVE-2023-2620
was published
Jul 13, 2023
An issue has been discovered in GitLab DAST scanner affecting all versions starting from 3.0.29...
Moderate
Unreviewed
CVE-2023-1401
was published
Jul 26, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 16...
Moderate
Unreviewed
CVE-2023-4378
was published
Sep 1, 2023
An issue has been discovered in GitLab EE affecting all versions starting from 14.1 before 16.0.8...
Moderate
Unreviewed
CVE-2023-4002
was published
Aug 4, 2023
An issue has been discovered in GitLab EE affecting all versions starting from 15.7 before 15.10...
Moderate
Unreviewed
CVE-2023-1825
was published
Jun 7, 2023
The goTenna Pro ATAK Plugin broadcast key name is always sent unencrypted and could reveal the...
Moderate
Unreviewed
CVE-2024-41931
was published
Sep 26, 2024
goTenna Pro ATAK Plugin by default enables frequent unencrypted
Position, Location and...
Moderate
Unreviewed
CVE-2024-43814
was published
Sep 26, 2024
Audit records for OpenAPI requests may include sensitive information.
This could lead to...
High
Unreviewed
CVE-2023-6916
was published
Apr 10, 2024
An attacker with access to the network where the CIRCUTOR Q-SMT is located in its firmware...
High
Unreviewed
CVE-2024-8890
was published
Sep 18, 2024
SiteGuard WP Plugin provides a functionality to customize the path to the login page wp-login.php...
Moderate
Unreviewed
CVE-2024-37881
was published
Jun 19, 2024
A “CWE-201: Insertion of Sensitive Information Into Sent Data” affecting the administrative...
Moderate
Unreviewed
CVE-2024-31200
was published
Jul 31, 2024
ProTip!
Advisories are also available from the
GraphQL API