GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,064 advisories
A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in...
CVE-2023-47616 was published Nov 9, 2023 (Low, Unreviewed)

An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.0 before 16...
CVE-2023-5831 was published Nov 6, 2023 (Low, Unreviewed)

A vulnerability classified as problematic has been found in Ortus Solutions ColdBox Elixir 3.1.6....
CVE-2021-4430 was published Nov 6, 2023 (Low, Unreviewed)

Mattermost Desktop for MacOS fails to utilize the secure keyboard input functionality provided by...
CVE-2023-5920 was published Nov 2, 2023 (Low, Unreviewed)

Wagtail vulnerable to disclosure of user names via admin bulk action views
CVE-2023-45809 was published for wagtail (pip) Oct 19, 2023 (Low)

vantage6 does not properly delete linked resources when deleting a collaboration
CVE-2023-41881 was published for vantage6 (pip) Oct 16, 2023 (Low)

Undici's cookie header not cleared on cross-origin redirect in fetch
CVE-2023-45143 was published for undici (npm) Oct 16, 2023 (Low)

A vulnerability was found in yhz66 Sandbox 6.1.0. It has been rated as problematic. Affected by...
CVE-2023-5579 was published Oct 14, 2023 (Low, Unreviewed)

An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in...
CVE-2023-37939 was published Oct 10, 2023 (Low, Unreviewed)

Sensitive information disclosure due to excessive collection of system information. The following...
CVE-2023-44213 was published Oct 6, 2023 (Low, Unreviewed)

Exposure of Sensitive Information vulnerability in InboundSmsHandler prior to SMR Sep-2023...
CVE-2023-30719 was published Sep 6, 2023 (Low, Unreviewed)

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
CVE-2023-38158 was published Aug 21, 2023 (Low, Unreviewed)

A vulnerability was found in EmpowerID up to 7.205.0.0. It has been rated as problematic. This...
CVE-2023-4177 was published Aug 6, 2023 (Low, Unreviewed)

matrix-appservice-irc events can be crafted to leak parts of targeted messages from other bridged rooms
CVE-2023-38700 was published for matrix-appservice-irc (npm) Aug 4, 2023 (Low)

Secret displayed without masking by Chef Identity Plugin
CVE-2023-39155 was published for org.jenkins-ci.plugins:chef-identity (Maven) Jul 26, 2023 (Low)

Information Disclosure due to Out-of-scope Site Resolution
CVE-2023-38499 was published for typo3/cms-core (Composer) Jul 25, 2023 (Low)

A vulnerability has been found in what3words Autosuggest Plugin up to 4.0.0 on WordPress and...
CVE-2021-4428 was published Jul 18, 2023 (Low, Unreviewed)

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.1 prior to...
CVE-2023-2620 was published Jul 13, 2023 (Low, Unreviewed)

Apache Camel information exposure vulnerability
CVE-2023-34442 was published for org.apache.camel:camel-jira (Maven) Jul 10, 2023 (Low)

Vaadin vulnerable to possible information disclosure of class and method names in RPC response
CVE-2023-25500 was published for com.vaadin:flow-server (Maven) Jun 22, 2023 (Low)

Cilium vulnerable to information leakage via incorrect ReferenceGrant handling
CVE-2023-34242 was published for github.com/cilium/cilium (Go) Jun 16, 2023 (Low)

A vulnerability has been found in UJCMS up to 6.0.2 and classified as problematic. This...
CVE-2023-3231 was published Jun 14, 2023 (Low, Unreviewed)

An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers,...
CVE-2023-28322 was published May 26, 2023 (Low, Unreviewed)

Sensitive information disclosure due to insecure registry permissions. The following products are...
CVE-2022-45459 was published May 18, 2023 (Low, Unreviewed)

etcd Key name can be accessed via LeaseTimeToLive API
CVE-2023-32082 was published for github.com/etcd-io/etcd (Go) May 12, 2023 (Low)