GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,614
Composer 5,007
Erlang 39
GitHub Actions 38
Go 2,638
Maven 6,105
npm 4,264
NuGet 760
pip 4,060
Pub 12
RubyGems 956
Rust 1,056
Swift 45

Unreviewed advisories

All unreviewed 277,032

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

9,972 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

rack-mini-profiler allows remote attackers to obtain sensitive information about allocated strings and objects Moderate

CVE-2016-4442 was published for rack-mini-profiler (RubyGems) Oct 24, 2017

rest-client allows local users to obtain sensitive information by reading the log Low

CVE-2015-3448 was published for rest-client (RubyGems) Oct 24, 2017

Exposure of Sensitive Information to an Unauthorized Actor in foreman_fog_proxmox High

CVE-2021-20259 was published for foreman_fog_proxmox (RubyGems) Jun 10, 2021

Authlogic Information Exposure vulnerability Moderate

CVE-2012-6497 was published for authlogic (RubyGems) May 14, 2022

kajam allows local users to obtain sensitive information by listing the process High

CVE-2014-4999 was published for kajam (RubyGems) May 14, 2022

lean-ruport allows local users to obtain sensitive information by listing the process High

CVE-2014-4998 was published for lean-ruport (RubyGems) May 14, 2022

VladTheEnterprising allows local users to obtain sensitive information by reading MySQL root password from temporary file High

CVE-2014-4995 was published for VladTheEnterprising (RubyGems) May 14, 2022

point-cli allows local users to obtain sensitive information by listing the process High

CVE-2014-4997 was published for point-cli (RubyGems) May 14, 2022

Initial debug-host handler implementation could leak information and facilitate denial of service Moderate

GHSA-x477-fq37-q5wr was published for fortio.org/proxy (Go) Jan 27, 2023

There is an information leakage vulnerability in FusionCompute 6.5.1, eCNS280_TD V100R005C00 and... Moderate Unreviewed

CVE-2021-37036 was published Nov 24, 2021

In createAdminSupportIntent of DevicePolicyManagerService.java, there is a possible way to... Low Unreviewed

CVE-2021-0983 was published Dec 16, 2021

Under certain conditions SAP Business Objects Business Intelligence Platform - versions 420, 430,... Moderate Unreviewed

CVE-2022-24398 was published Mar 11, 2022

Information Leak Vulnerability exists in the Xiaomi Router AX6000. The vulnerability is caused by... Moderate Unreviewed

CVE-2020-14112 was published Mar 11, 2022

Exposure of Sensitive Information to an Unauthorized Actor in FreeTAKServer-UI High

CVE-2022-25512 was published for FreeTAKServer-UI (pip) Mar 12, 2022

When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows... Moderate Unreviewed

CVE-2022-25248 was published Mar 17, 2022

The WebReporting module in F-Secure Policy Manager 7.x, 8.00 before hotfix 2, 8.1x before hotfix... Moderate Unreviewed

CVE-2011-1103 was published May 17, 2022

IBM WebSphere Portal 6.0.1.1 through 7.0.0.0, as used in IBM Lotus Web Content Management (WCM)... Moderate Unreviewed

CVE-2011-0679 was published May 17, 2022

The BlackBerry PlayBook service on the Research In Motion (RIM) BlackBerry PlayBook tablet with... High Unreviewed

CVE-2011-0291 was published May 17, 2022

Html-edit CMS 3.1.8 allows remote attackers to obtain sensitive information via a direct request... Moderate Unreviewed

CVE-2010-4611 was published May 17, 2022

Linux kernel 2.6.33 and 2.6.34.y does not initialize the kvm_vcpu_events->interrupt.pad structure... Low Unreviewed

CVE-2010-4525 was published May 17, 2022

An information disclosure vulnerability exists due to a web server misconfiguration in the... High Unreviewed

CVE-2022-21236 was published Jan 29, 2022

An information disclosure vulnerability exists due to the hardcoded TLS key of reolink RLC-410W... Moderate Unreviewed

CVE-2022-21199 was published Jan 29, 2022

Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9... Moderate Unreviewed

CVE-2022-23235 was published Aug 26, 2022

Insertion of Sensitive Information into Externally-Accessible File or Directory and Exposure of Sensitive Information to an Unauthorized Actor in hbs Moderate

CVE-2021-32822 was published for hbs (npm) Sep 2, 2021

Sylius PayPal Plugin allows unauthorized access to Credit card form, exposing payer name and not requiring 3DS High

CVE-2021-41120 was published for sylius/paypal-plugin (Composer) Oct 6, 2021

Previous 1…3…399 Next

Previous 1 2 3 4 5 … 398 399 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

9,972 advisories