Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,838
Erlang
36
GitHub Actions
33
Go
2,460
Maven
5,000+
npm
4,082
NuGet
723
pip
3,873
Pub
12
RubyGems
943
Rust
1,010
Swift
39
Unreviewed advisories
All unreviewed
5,000+

100 advisories

Loading
Android apps can load web pages using the Custom Tabs feature. This feature supports a transition... Low Unreviewed
CVE-2025-1939 was published Mar 4, 2025
An attacker could expose cross-user personal identifiable information (PII) and personal health... High Unreviewed
CVE-2025-20060 was published Feb 28, 2025
The Jeg Elementor Kit plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2024-13217 was published Feb 27, 2025
The Qardio Arm iOS application exposes sensitive data such as usernames and passwords in a plist... Moderate Unreviewed
CVE-2025-20615 was published Feb 14, 2025
The Directorist: AI-Powered WordPress Business Directory Plugin with Classified Ads Listings... Moderate Unreviewed
CVE-2024-12041 was published Feb 1, 2025
The HT Event – WordPress Event Manager Plugin for Elementor plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-13216 was published Jan 31, 2025
In its default configuration, the affected product transmits plain-text patient data to a hard... High Unreviewed
CVE-2025-0683 was published Jan 30, 2025
Updatecli exposes Maven credentials in console output High
CVE-2025-24355 was published for github.com/updatecli/updatecli (Go) Jan 24, 2025
gionn olblak
The Elementor Addon Elements plugin for WordPress is vulnerable to Sensitive Information Exposure... Moderate Unreviewed
CVE-2024-13215 was published Jan 15, 2025
The Event Monster – Event Management, Tickets Booking, Upcoming Event plugin for WordPress is... Moderate Unreviewed
CVE-2024-11396 was published Jan 14, 2025
IBM Jazz Foundation 7.0.2, 7.0.3, and 7.1.0 could could allow a physical user to obtain... Moderate Unreviewed
CVE-2024-41780 was published Jan 3, 2025
The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for... Moderate Unreviewed
CVE-2024-11712 was published Dec 14, 2024
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x contains a a feature that could... High Unreviewed
CVE-2024-42494 was published Dec 6, 2024
IBM Concert Software 1.0.0, 1.0.1, 1.0.2, and 1.0.2.1 could allow an authenticated user to obtain... Moderate Unreviewed
CVE-2024-37070 was published Nov 19, 2024
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability Moderate Unreviewed
CVE-2024-49025 was published Nov 14, 2024
An exposure of sensitive information to an unauthorized actor [CWE-200] in Fortinet FortiManager... Moderate Unreviewed
CVE-2023-44255 was published Nov 12, 2024
Sensitive information disclosure due to spell-jacking. The following products are affected:... Moderate Unreviewed
CVE-2024-49386 was published Oct 17, 2024
This vulnerability exists in Apex Softcell LD Geo due to improper validation of the certain... High Unreviewed
CVE-2024-47087 was published Sep 19, 2024
This vulnerability exists in LD DP Back Office due to improper validation of certain parameters ... High Unreviewed
CVE-2024-47085 was published Sep 19, 2024
An attacker with no knowledge of the current users in the web application, could build a... Moderate Unreviewed
CVE-2024-8891 was published Sep 18, 2024
org.xwiki.platform:xwiki-platform-notifications-ui leaks data of notification filters of users Moderate
CVE-2024-46979 was published for org.xwiki.platform:xwiki-platform-notifications-ui (Maven) Sep 18, 2024
This vulnerability exists in Reedos aiM-Star version 2.0.1 due to transmission of sensitive... High Unreviewed
CVE-2024-45787 was published Sep 11, 2024
XWiki Platform document history including authors of any page exposed to unauthorized actors Moderate
CVE-2024-45591 was published for org.xwiki.platform:xwiki-platform-rest-server (Maven) Sep 10, 2024
Xiqinger
Due to missing authorization checks, SAP Business Warehouse (BEx Analyzer) allows an... Moderate Unreviewed
CVE-2024-44113 was published Sep 10, 2024
Due to missing authorization checks, SAP BEx Analyzer allows an authenticated attacker to access... Moderate Unreviewed
CVE-2024-41729 was published Sep 10, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database