GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,874 advisories
Information exposure vulnerability in IBERMATICA RPS 2019, which exploitation could allow an...
High | Unreviewed | CVE-2023-3349 was published Oct 3, 2023

All versions of NetMan 204 could allow an unauthenticated remote attacker to read a file (config...
High | Unreviewed | CVE-2022-47892 was published Oct 3, 2023

`Cookie` HTTP header isn't stripped on cross-origin redirects
High | CVE-2023-43804 was published for urllib3 (pip) Oct 2, 2023

An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.8,...
High | Unreviewed | CVE-2023-3413 was published Sep 29, 2023

Data security classification vulnerability in the DDMP module. Successful exploitation of this...
High | Unreviewed | CVE-2023-41293 was published Sep 25, 2023

OpenStack Heat information leak vulnerability
High | CVE-2023-1625 was published for openstack-heat (pip) Sep 24, 2023

MyPrestaModules Prestashop Module v6.2.9 and UpdateProducts Prestashop Module v3.6.9 were...
High | Unreviewed | CVE-2023-39677 was published Sep 20, 2023

** UNSUPPORTED WHEN ASSIGNED ** Exposure of sensitive information in ekorCCP and ekorRCI,...
High | Unreviewed | CVE-2022-47554 was published Sep 19, 2023

An issue in TDSQL Chitu management platform v.10.3.19.5.0 allows a remote attacker to obtain...
High | Unreviewed | CVE-2023-42387 was published Sep 18, 2023

Apache Airflow information exposure vulnerability
High | CVE-2023-40712 was published for apache-airflow (pip) Sep 12, 2023

Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository hamza417/inure...
High | Unreviewed | CVE-2023-4876 was published Sep 10, 2023

An Issue in Buffalo America, Inc. TeraStation NAS TS5410R v.5.00 thru v.0.07 allows a remote...
High | Unreviewed | CVE-2023-39620 was published Sep 8, 2023

Exposure of sensitive information to an unauthorized actor vulnerability in cgi component in...
High | Unreviewed | CVE-2023-41741 was published Aug 31, 2023

IBM InfoSphere Information Systems 11.7 could expose information about the host system and...
High | Unreviewed | CVE-2023-24959 was published Aug 28, 2023

A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6...
High | Unreviewed | CVE-2023-39289 was published Aug 26, 2023

The vulnerability exists in CP-Plus NVR due to an improper input handling at the web-based...
High | Unreviewed | CVE-2023-3705 was published Aug 24, 2023

Apache Airflow denial of service vulnerability
High | CVE-2023-37379 was published for apache-airflow (pip) Aug 23, 2023

Because of an authentication flaw an attacker would be capable of generating a web report that...
High | Unreviewed | CVE-2023-25913 was published Aug 21, 2023

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in BUTTERFLY BUTTON...
High | Unreviewed | CVE-2023-40735 was published Aug 21, 2023

Dell PowerScale OneFS, 8.2.x-9.5.x, contains an exposure of sensitive information to an...
High | Unreviewed | CVE-2023-32495 was published Aug 16, 2023

Yaklang Plugin's Fuzztag Component Allows Unauthorized Local File Reading
High | CVE-2023-40023 was published for github.com/yaklang/yaklang (Go) Aug 15, 2023

Vulnerability of input parameters being not strictly verified in the AMS module. Successful...
High | Unreviewed | CVE-2023-39383 was published Aug 13, 2023

Vulnerability of insecure signatures in the ServiceWifiResources module. Successful exploitation...
High | Unreviewed | CVE-2023-39393 was published Aug 13, 2023

.NET Information Disclosure Vulnerability
High | CVE-2023-35391 was published for Microsoft.AspNetCore.SignalR.Redis (NuGet) Aug 11, 2023

A previously generated artifact by an administrator could be accessed by an attacker. The...
High | Unreviewed | CVE-2023-32561 was published Aug 10, 2023

ProTip! Advisories are also available from the GraphQL API.