Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+

6,159 advisories

Loading
Gradio vulnerable to arbitrary file read with File and UploadButton components Moderate
CVE-2024-51751 was published for gradio (pip) Nov 6, 2024
ifratric
A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800... Moderate Unreviewed
CVE-2024-20445 was published Nov 6, 2024
A vulnerability in the logging subsystem of Cisco Meeting Management could allow an authenticated... Moderate Unreviewed
CVE-2024-20507 was published Nov 6, 2024
A vulnerability in the logging component of Cisco Unified Communications Manager IM &... Moderate Unreviewed
CVE-2024-20457 was published Nov 6, 2024
A vulnerability classified as problematic has been found in D-Link DNS-320, DNS-320LW, DNS-325... Moderate Unreviewed
CVE-2024-10916 was published Nov 6, 2024
A vulnerability was found in Foreman's loader macros introduced with report templates. These... Moderate Unreviewed
CVE-2024-8553 was published Oct 31, 2024
The Contact Form 7 – Dynamic Text Extension plugin for WordPress is vulnerable to Basic... Moderate Unreviewed
CVE-2024-10084 was published Nov 6, 2024
Under certain conditions, through a request directed to the Waybox Enel X web management... Moderate Unreviewed
CVE-2023-29116 was published Nov 5, 2024
The Ultimate Bootstrap Elements for Elementor plugin for WordPress is vulnerable to Sensitive... Moderate Unreviewed
CVE-2024-10329 was published Nov 5, 2024
System logs could be accessed through web management application due to a lack of access control.... Moderate Unreviewed
CVE-2023-29114 was published Nov 5, 2024
The 140+ Widgets | Xpro Addons For Elementor – FREE plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-10319 was published Nov 5, 2024
img_auth.php may leak private extension images into the public cache Moderate
CVE-2020-15005 was published for mediawiki/core (Composer) May 24, 2022
Rudloff
Elasticsearch Remote Cluster Search Cross Cluster API Key insufficient restrictions Moderate
CVE-2024-23445 was published for org.elasticsearch:elasticsearch (Maven) Jun 12, 2024
The LevelOne WBR-6012 router contains a vulnerability within its web application that allows... Moderate Unreviewed
CVE-2024-33626 was published Oct 30, 2024
The LevelOne WBR-6012 router has an information disclosure vulnerability in its web application,... Moderate Unreviewed
CVE-2024-33603 was published Oct 30, 2024
HTML Purifier allows remote attackers to obtain sensitive information Moderate
CVE-2011-3744 was published for ezyang/htmlpurifier (Composer) May 17, 2022
Rudloff
This vulnerability could be exploited, leading to unauthorized disclosure of information to... Moderate Unreviewed
CVE-2024-42508 was published Oct 18, 2024
TYPO3 CMS vulnerable to Sensitive Information Disclosure via YAML Placeholder Expressions in Site Configuration Moderate
CVE-2022-23504 was published for typo3/cms (Composer) Dec 13, 2022
ohader darth-hader
The Move Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information... Moderate Unreviewed
CVE-2024-10360 was published Oct 29, 2024
The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information... Moderate Unreviewed
CVE-2024-10312 was published Oct 29, 2024
Scrapy HTTP authentication credentials potentially leaked to target websites Moderate
CVE-2021-41125 was published for Scrapy (pip) Oct 6, 2021
Roundup sensitive data disclosure vulnerability Moderate
CVE-2014-6276 was published for roundup (pip) May 17, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Requests Moderate
CVE-2014-1829 was published for requests (pip) May 17, 2022
The Clever Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information... Moderate Unreviewed
CVE-2024-10357 was published Oct 26, 2024
sosreport sensitive information disclosure via weak permissions of the generated archives Moderate
CVE-2015-3171 was published for sosreport (pip) May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database