GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
991 advisories
Filter by severity
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WPServeur,...
Low
Unreviewed
CVE-2023-49748
was published
Jun 4, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in David Vongries...
Low
Unreviewed
CVE-2023-49822
was published
Jun 4, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Webcraftic Hide login...
Low
Unreviewed
CVE-2023-48335
was published
Jun 4, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in LWS LWS Hide Login...
Low
Unreviewed
CVE-2023-47818
was published
Jun 4, 2024
Grafana Forward OAuth Identity Token can allow users to access some data sources
Low
CVE-2022-21673
was published
for
github.com/grafana/grafana
(Go)
May 14, 2024
Kimai information disclosure vulnerability
Low
CVE-2024-4596
was published
for
kimai/kimai
(Composer)
May 7, 2024
An issue was discovered in a third-party component related to vendor.gsm.serial, shipped on...
Low
Unreviewed
CVE-2023-38301
was published
Apr 22, 2024
HCL Connections contains a user enumeration vulnerability. Certain actions could allow an...
Low
Unreviewed
CVE-2024-23557
was published
Apr 18, 2024
A vulnerability classified as problematic has been found in Zhejiang Land Zongheng Network...
Low
Unreviewed
CVE-2024-3689
was published
Apr 12, 2024
Kopia: Storage connection credentials written to console on "repository status" CLI command with JSON output
Low
GHSA-j5vm-7qcc-2wwg
was published
for
github.com/kopia/kopia
(Go)
Apr 10, 2024
Undici's Proxy-Authorization header not cleared on cross-origin redirect for dispatch, request, stream, pipeline
Low
CVE-2024-30260
was published
for
undici
(npm)
Apr 4, 2024
Unauthenticated views may expose information to anonymous users
Low
CVE-2024-29199
was published
for
nautobot
(pip)
Mar 26, 2024
In Quarkus, git credentials could be inadvertently published
Low
CVE-2024-1979
was published
for
io.quarkus:quarkus-kubernetes-deployment
(Maven)
Mar 13, 2024
Potential leakage of Sentry auth tokens by React Native SDK with Expo plugin
Low
GHSA-68c2-4mpx-qh95
was published
for
@sentry/react-native
(npm)
Mar 1, 2024
Mattermost race condition
Low
CVE-2024-1949
was published
for
github.com/mattermost/mattermost/server/v8
(Go)
Feb 29, 2024
Mattermost incorrectly allows access individual posts
Low
CVE-2024-1952
was published
for
github.com/mattermost/mattermost/server/v8
(Go)
Feb 29, 2024
Sensitive information disclosure due to excessive collection of system information. The following...
Low
Unreviewed
CVE-2023-48680
was published
Feb 27, 2024
Apache Camel data exposure vulnerability
Low
CVE-2024-22371
was published
for
org.apache.camel:camel-core
(Maven)
Feb 26, 2024
Prior to version 24.1, a local authenticated attacker can view Sysvol when Privilege Management...
Low
Unreviewed
CVE-2024-1591
was published
Feb 16, 2024
Undici proxy-authorization header not cleared on cross-origin redirect in fetch
Low
CVE-2024-24758
was published
for
undici
(npm)
Feb 16, 2024
An information disclosure vulnerability was reported in the Lenovo Tab M8 HD that could allow a...
Low
Unreviewed
CVE-2023-5081
was published
Jan 19, 2024
A vulnerability classified as problematic has been found in Beijing Baichuo Smart S150 Management...
Low
Unreviewed
CVE-2024-0716
was published
Jan 19, 2024
IBM QRadar SIEM 7.5 could disclose sensitive email information in responses from offense rules. ...
Low
Unreviewed
CVE-2023-50950
was published
Jan 17, 2024
A vulnerability was found in code-projects Dormitory Management System 1.0. It has been rated as...
Low
Unreviewed
CVE-2024-0472
was published
Jan 13, 2024
ProTip!
Advisories are also available from the
GraphQL API