GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
1,996
Maven
5,000+
npm
3,709
NuGet
661
pip
3,348
Pub
11
RubyGems
885
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
8,924 advisories
Filter by severity
Rancher Helm Applications may have sensitive values leaked
Moderate
CVE-2024-52282
was published
for
github.com/rancher/rancher
(Go)
Nov 20, 2024
github.com/rancher/steve's users can issue watch commands for arbitrary resources
High
CVE-2024-52280
was published
for
github.com/rancher/steve
(Go)
Nov 20, 2024
The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu,...
Moderate
Unreviewed
CVE-2024-10365
was published
Nov 20, 2024
Graylog concurrent PDF report rendering can leak other users' reports
High
CVE-2024-52506
was published
for
org.graylog:graylog-parent
(Maven)
Nov 18, 2024
A vulnerability in the Admin portal of Cisco Identity Services Engine (ISE) could allow an...
Moderate
Unreviewed
CVE-2020-3525
was published
Nov 18, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache HertzBeat.
...
High
Unreviewed
CVE-2024-45791
was published
Nov 18, 2024
A vulnerability in a debug function for Cisco RCM for Cisco StarOS Software could allow...
Moderate
Unreviewed
CVE-2022-20648
was published
Nov 15, 2024
The Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce...
Moderate
Unreviewed
CVE-2024-8978
was published
Nov 15, 2024
The Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce...
High
Unreviewed
CVE-2024-8979
was published
Nov 15, 2024
In lunary-ai/lunary versions up to and including 1.2.5, an information disclosure vulnerability...
Critical
Unreviewed
CVE-2024-3501
was published
Nov 14, 2024
In lunary-ai/lunary versions up to and including 1.2.5, an information disclosure vulnerability...
Critical
Unreviewed
CVE-2024-3502
was published
Nov 14, 2024
VaeMendis - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
High
Unreviewed
CVE-2024-47915
was published
Nov 14, 2024
Moodle IDOR when accessing list of badge recipients
Moderate
CVE-2024-48900
was published
for
moodle/moodle
(Composer)
Nov 13, 2024
Improper access control in the Password History feature in Devolutions DVLS 2024.3.6 and earlier...
Unknown
Unreviewed
CVE-2024-10971
was published
Nov 12, 2024
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected...
Moderate
Unreviewed
CVE-2024-46894
was published
Nov 12, 2024
Moodle has user information visibility control issues in gradebook reports
Low
CVE-2024-43429
was published
for
moodle/moodle
(Composer)
Nov 11, 2024
Mattermost versions 10.0.x <= 10.0.0 and 9.11.x <= 9.11.2 fail to properly query ElasticSearch...
Moderate
Unreviewed
CVE-2024-52032
was published
Nov 9, 2024
The Magical Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information...
Moderate
Unreviewed
CVE-2024-10352
was published
Nov 9, 2024
The Quform - WordPress Form Builder plugin for WordPress is vulnerable to Sensitive Information...
Moderate
Unreviewed
CVE-2024-8756
was published
Nov 9, 2024
The CE21 Suite plugin for WordPress is vulnerable to sensitive information disclosure via the...
Critical
Unreviewed
CVE-2024-10285
was published
Nov 9, 2024
Dell PowerProtect DD, versions prior to 7.7.5.50, contains an Exposure of Sensitive Information...
Low
Unreviewed
CVE-2024-48011
was published
Nov 8, 2024
A vulnerability classified as problematic was found in emqx neuron up to 2.10.0. Affected by this...
Moderate
Unreviewed
CVE-2024-10965
was published
Nov 7, 2024
A vulnerability in the logging component of Cisco Unified Communications Manager IM &...
Moderate
Unreviewed
CVE-2024-20457
was published
Nov 6, 2024
A vulnerability in the logging subsystem of Cisco Meeting Management could allow an authenticated...
Moderate
Unreviewed
CVE-2024-20507
was published
Nov 6, 2024
A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800...
Moderate
Unreviewed
CVE-2024-20445
was published
Nov 6, 2024
ProTip!
Advisories are also available from the
GraphQL API