Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,873 advisories

Loading
An issue in CHRISTINA JAPAN Line v.13.6.1 allows a remote attacker to obtain sensitive... High Unreviewed
CVE-2023-38847 was published Oct 26, 2023
An issue in Marbre Lapin Line v.13.6.1 allows a remote attacker to obtain sensitive information... High Unreviewed
CVE-2023-38846 was published Oct 26, 2023
An issue in tire-sales Line v.13.6.1 allows a remote attacker to obtain sensitive information via... High Unreviewed
CVE-2023-38849 was published Oct 26, 2023
The leakage of the client secret in Fukunaga_memberscard Line 13.6.1 allows attackers to obtain... High Unreviewed
CVE-2023-39736 was published Oct 25, 2023
The leakage of the client secret in REGINA SWEETS&BAKERY Line 13.6.1 allows attackers to obtain... High Unreviewed
CVE-2023-39739 was published Oct 25, 2023
The leakage of the client secret in Uomasa_Saiji_news Line 13.6.1 allows attackers to obtain the... High Unreviewed
CVE-2023-39735 was published Oct 25, 2023
The leakage of the client secret in Matsuya Line 13.6.1 allows attackers to obtain the channel... High Unreviewed
CVE-2023-39737 was published Oct 25, 2023
EisBaer Scada - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor High Unreviewed
CVE-2023-42490 was published Oct 25, 2023
Nautobot vulnerable to exposure of hashed user passwords via REST API High
CVE-2023-46128 was published for nautobot (pip) Oct 24, 2023
The zanllp sd-webui-infinite-image-browsing (aka Infinite Image Browsing) extension before... High Unreviewed
CVE-2023-46315 was published Oct 23, 2023
Tauri's Updater Private Keys Possibly Leaked via Vite Environment Variables High
CVE-2023-46115 was published for @tauri-apps/cli (npm) Oct 20, 2023
Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05 contains a vulnerability... High Unreviewed
CVE-2023-34437 was published Oct 19, 2023
WIPOTEC GmbH ComScale v4.3.29.21344 and v4.4.12.723 fails to validate user sessions, allowing... High Unreviewed
CVE-2023-45912 was published Oct 18, 2023
A password disclosure vulnerability in the Secure PDF eXchange (SPX) feature allows attackers... High Unreviewed
CVE-2023-5552 was published Oct 18, 2023
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)... High Unreviewed
CVE-2023-22086 was published Oct 18, 2023
Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: Web... High Unreviewed
CVE-2023-22019 was published Oct 18, 2023
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Traffic Server... High Unreviewed
CVE-2023-41752 was published Oct 17, 2023
Advantech WebAccess version 9.1.3 contains an exposure of sensitive information to an... High Unreviewed
CVE-2023-4215 was published Oct 17, 2023
Vulnerability of package names' public keys not being verified in the security module.Successful... High Unreviewed
CVE-2023-44093 was published Oct 11, 2023
Vulnerability of the permission to access device SNs being improperly managed.Successful... High Unreviewed
CVE-2023-44097 was published Oct 11, 2023
Information exposure vulnerability in Shenzhen Reachfar v28, the exploitation of which could... High Unreviewed
CVE-2023-5499 was published Oct 10, 2023
Quarkus OIDC can leak both ID and access tokens High
CVE-2023-1584 was published for io.quarkus:quarkus-oidc (Maven) Oct 4, 2023
A flaw was found in Red Hat OpenShift Data Science. When exporting a pipeline from the Elyra... High Unreviewed
CVE-2023-3361 was published Oct 4, 2023
IBM Disconnected Log Collector 1.0 through 1.8.2 is vulnerable to potential security... High Unreviewed
CVE-2022-22447 was published Oct 4, 2023
Information exposure vulnerability in IBERMATICA RPS 2019, which exploitation could allow an... High Unreviewed
CVE-2023-3349 was published Oct 3, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database