Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,986
Erlang
39
GitHub Actions
38
Go
2,626
Maven
5,000+
npm
4,258
NuGet
760
pip
4,051
Pub
12
RubyGems
954
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,064 advisories

Loading
Undici proxy-authorization header not cleared on cross-origin redirect in fetch Low
CVE-2024-24758 was published for undici (npm) Feb 16, 2024
T1m0n0 mcollina
Credited to T1m0n0 and mcollina
An information disclosure vulnerability was reported in the Lenovo Tab M8 HD that could allow a... Low Unreviewed
CVE-2023-5081 was published Jan 19, 2024
A vulnerability classified as problematic has been found in Beijing Baichuo Smart S150 Management... Low Unreviewed
CVE-2024-0716 was published Jan 19, 2024
IBM QRadar SIEM 7.5 could disclose sensitive email information in responses from offense rules. ... Low Unreviewed
CVE-2023-50950 was published Jan 17, 2024
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). The... Low Unreviewed
CVE-2024-20920 was published Jan 17, 2024
Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Supported... Low Unreviewed
CVE-2024-20910 was published Jan 17, 2024
Vulnerability in the Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle... Low Unreviewed
CVE-2024-20955 was published Jan 17, 2024
Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Core)... Low Unreviewed
CVE-2024-20914 was published Jan 17, 2024
A vulnerability was found in code-projects Dormitory Management System 1.0. It has been rated as... Low Unreviewed
CVE-2024-0472 was published Jan 13, 2024
This issue was addressed with improved redaction of sensitive information. This issue is fixed in... Low Unreviewed
CVE-2022-42839 was published Jan 11, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WP Engine Advanced... Low Unreviewed
CVE-2022-40696 was published Jan 9, 2024
HCL DRYiCE MyXalytics is impacted by an information disclosure vulnerability. Certain endpoints... Low Unreviewed
CVE-2023-50346 was published Jan 3, 2024
Unauthenticated db-file-storage views Low
CVE-2023-50263 was published for nautobot (pip) Dec 13, 2023
Kircheneer
Credited to Kircheneer
Brute force exploit can be used to collect valid usernames Low
CVE-2023-49278 was published for Umbraco.CMS (NuGet) Dec 13, 2023
SMTP misconfiguration leading to "Forgot Password" exploit that leaks registered user email. Low
CVE-2023-49274 was published for Umbraco.CMS (NuGet) Dec 13, 2023
emmagarland
Credited to emmagarland
Mattermost fails to perform correct authorization checks when creating a playbook action,... Low Unreviewed
CVE-2023-6727 was published Dec 12, 2023
A vulnerability, which was classified as problematic, has been found in Typecho 1.2.1. Affected... Low Unreviewed
CVE-2023-6615 was published Dec 8, 2023
Sensitive data exposure in Webconf in Tribe29 Checkmk Appliance before 1.6.8 allows local... Low Unreviewed
CVE-2023-6287 was published Nov 27, 2023
IBM QRadar WinCollect Agent 10.0 through 10.1.7 could allow a privileged user to obtain... Low Unreviewed
CVE-2021-39008 was published Nov 24, 2023
Exposure of Sensitive Information in Elastic APM .NET Agent Low
CVE-2021-22143 was published for Elastic.Apm (NuGet) Nov 22, 2023
MarkLee131
Credited to MarkLee131
Exposure of sensitive information to an unauthorized actor in some Intel(R) Aptio* V UEFI... Low Unreviewed
CVE-2023-28723 was published Nov 14, 2023
Exposure of sensitive information to an unauthorized actor for some Intel Unison software may... Low Unreviewed
CVE-2022-46646 was published Nov 14, 2023
Information Disclosure in typo3/cms-install tool Low
CVE-2023-47126 was published for typo3/cms-install (Composer) Nov 14, 2023
liayn
Credited to liayn
A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in... Low Unreviewed
CVE-2023-47614 was published Nov 10, 2023
Moodle Exposure of Sensitive Information to an Unauthorized Actor vulnerability Low
CVE-2023-5551 was published for moodle/moodle (Composer) Nov 9, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database