GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
8,915 advisories
Filter by severity
hornetq vulnerable to file overwrite, sensitive information disclosure
High
CVE-2024-51127
was published
for
org.hornetq:hornetq-core-client
(Maven)
Nov 4, 2024
A vulnerability was found in Foreman's loader macros introduced with report templates. These...
Moderate
Unreviewed
CVE-2024-8553
was published
Oct 31, 2024
The LevelOne WBR-6012 router has an information disclosure vulnerability in its web application,...
Moderate
Unreviewed
CVE-2024-33603
was published
Oct 30, 2024
The LevelOne WBR-6012 router contains a vulnerability within its web application that allows...
Moderate
Unreviewed
CVE-2024-33626
was published
Oct 30, 2024
mudler/localai version 2.17.1 is vulnerable to a Timing Attack. This type of side-channel attack...
High
Unreviewed
CVE-2024-7010
was published
Oct 29, 2024
The Move Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information...
Moderate
Unreviewed
CVE-2024-10360
was published
Oct 29, 2024
The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information...
Moderate
Unreviewed
CVE-2024-10312
was published
Oct 29, 2024
HCL Connections is vulnerable to an information disclosure vulnerability, due to an IBM WebSphere...
Low
Unreviewed
CVE-2024-30106
was published
Oct 29, 2024
The Clever Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information...
Moderate
Unreviewed
CVE-2024-10357
was published
Oct 26, 2024
The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Information...
Moderate
Unreviewed
CVE-2024-10050
was published
Oct 24, 2024
A vulnerability, which was classified as problematic, was found in ZZCMS 2023. This affects an...
Moderate
Unreviewed
CVE-2024-10290
was published
Oct 23, 2024
The Qi Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure...
Moderate
Unreviewed
CVE-2024-9530
was published
Oct 23, 2024
A vulnerability was found in GraphQL due to improper access controls on the GraphQL introspection...
Moderate
Unreviewed
CVE-2024-50312
was published
Oct 22, 2024
The News Kit Elementor Addons plugin for WordPress is vulnerable to Sensitive Information...
Moderate
Unreviewed
CVE-2024-9541
was published
Oct 22, 2024
The TeploBot - Telegram Bot for WP plugin for WordPress is vulnerable to sensitive information...
High
Unreviewed
CVE-2024-9627
was published
Oct 22, 2024
The All-in-One WP Migration and Backup plugin for WordPress is vulnerable to Sensitive...
Moderate
Unreviewed
CVE-2024-8852
was published
Oct 22, 2024
secp256k1-node allows private key extraction over ECDH
High
CVE-2024-48930
was published
for
secp256k1
(npm)
Oct 21, 2024
The ElementInvader Addons for Elementor plugin for WordPress is vulnerable to Sensitive...
Moderate
Unreviewed
CVE-2024-9889
was published
Oct 19, 2024
This vulnerability could be exploited, leading to unauthorized disclosure of information to...
Moderate
Unreviewed
CVE-2024-42508
was published
Oct 18, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in BogdanFix WP SendFox...
Moderate
Unreviewed
CVE-2024-49284
was published
Oct 17, 2024
The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Information...
Moderate
Unreviewed
CVE-2024-7417
was published
Oct 17, 2024
The Formidable Form Builder plugin for WordPress is vulnerable to Sensitive Data Exposure in...
Moderate
Unreviewed
CVE-2017-20194
was published
Oct 16, 2024
The Sina Extension for Elementor plugin for WordPress is vulnerable to Sensitive Information...
Moderate
Unreviewed
CVE-2024-9540
was published
Oct 16, 2024
The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to sensitive...
Moderate
Unreviewed
CVE-2020-36835
was published
Oct 16, 2024
Malicious homeservers can steal message keys when the matrix-react-sdk user invites another user to a room
High
CVE-2024-47824
was published
for
matrix-react-sdk
(npm)
Oct 15, 2024
ProTip!
Advisories are also available from the
GraphQL API