Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,331
Erlang
31
GitHub Actions
21
Go
2,093
Maven
5,000+
npm
3,756
NuGet
678
pip
3,444
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

5,591 advisories

Loading
The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to... Moderate Unreviewed
CVE-2016-2388 was published May 13, 2022
** DISPUTED ** Adobe ColdFusion 9.0.1 CHF1 and earlier, when a web application is configured to... Moderate Unreviewed
CVE-2011-0736 was published May 17, 2022
Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 does not properly handle unspecified ... Moderate Unreviewed
CVE-2010-0488 was published May 2, 2022
Microsoft Internet Explorer 6 through 8 does not properly restrict script access to content from... Moderate Unreviewed
CVE-2010-3330 was published May 13, 2022
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction &... Moderate Unreviewed
CVE-2025-0318 was published Jan 18, 2025
Microsoft Internet Explorer 6 and 7 does not properly determine the domain or security zone of... Moderate Unreviewed
CVE-2008-3474 was published May 2, 2022
The Moving Users plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2024-12637 was published Jan 17, 2025
The ElementsKit Elementor addons plugin for WordPress is vulnerable to Information Exposure in... Moderate Unreviewed
CVE-2024-6455 was published Jul 18, 2024
A vulnerability classified as problematic has been found in D-Link DIR-878 1.03. Affected is an... Moderate Unreviewed
CVE-2025-0481 was published Jan 15, 2025
Huawei FusionCompute with software before V100R005C10SPC700 allows remote authenticated users to... Moderate Unreviewed
CVE-2015-8336 was published May 17, 2022
A vulnerability was found in GraphQL due to improper access controls on the GraphQL introspection... Moderate Unreviewed
CVE-2024-50312 was published Oct 22, 2024
An information exposure vulnerability in forget_passwd.cgi in Synology DiskStation Manager (DSM)... Moderate Unreviewed
CVE-2017-9554 was published May 14, 2022
Windows Themes Spoofing Vulnerability Moderate Unreviewed
CVE-2025-21308 was published Jan 14, 2025
Windows Kerberos Information Disclosure Vulnerability Moderate Unreviewed
CVE-2025-21242 was published Jan 14, 2025
Windows BitLocker Information Disclosure Vulnerability Moderate Unreviewed
CVE-2025-21214 was published Jan 14, 2025
The W3 Total Cache plugin for WordPress is vulnerable to Information Exposure in all versions up... Moderate Unreviewed
CVE-2024-12008 was published Jan 14, 2025
CloudStack users can add and read comments (annotations) on resources they are authorised to... Moderate Unreviewed
CVE-2025-22828 was published Jan 13, 2025
A vulnerability, which was classified as problematic, has been found in 1902756969 reggie 1.0.... Moderate Unreviewed
CVE-2025-0403 was published Jan 13, 2025
The Jeg Elementor Kit plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2024-8899 was published Nov 26, 2024
An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in the command-line... Moderate Unreviewed
CVE-2025-21592 was published Jan 9, 2025
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Leap13 Premium Addons... Moderate Unreviewed
CVE-2024-31278 was published Apr 10, 2024
The 140+ Widgets | Xpro Addons For Elementor – FREE plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-12584 was published Jan 8, 2025
Cross-process screen stack vulnerability in the UIExtension module Impact: Successful... Moderate Unreviewed
CVE-2024-56443 was published Jan 8, 2025
Cross-process screen stack vulnerability in the UIExtension module Impact: Successful... Moderate Unreviewed
CVE-2024-56435 was published Jan 8, 2025
Exposure of Environmental Variables and arbitrary INI file values to an Unauthorized Actor... Moderate Unreviewed
CVE-2024-12426 was published Jan 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database