Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

584 advisories

Loading
Information Exposure on Case Insensitive File Systems in serve Moderate
CVE-2018-3809 was published for serve (npm) Jul 18, 2018
http vulnerable to Exposure of Sensitive Information to an Unauthorized Actor Moderate
CVE-2015-1828 was published for http (RubyGems) Mar 13, 2018
Moderate severity vulnerability that affects rails Moderate
CVE-2007-5379 was published for rails (RubyGems) Oct 24, 2017
actionpack and activesupport vulnerable to information leaks Moderate
CVE-2009-3086 was published for actionpack (RubyGems) Oct 24, 2017
jasnow
newrelic_rpm Gem Discloses Sensitive Information Moderate
CVE-2013-0284 was published for newrelic_rpm (RubyGems) Oct 24, 2017
jquery-rails and jquery-ujs subject to Exposure of Sensitive Information Moderate
CVE-2015-1840 was published for jquery-rails (RubyGems) Oct 24, 2017
Root Path Disclosure in send Moderate
CVE-2015-8859 was published for send (npm) Oct 24, 2017
tdunlap607
Exposure of Sensitive Information in bio-basespace-sdk Moderate
CVE-2013-7111 was published for bio-basespace-sdk (RubyGems) Oct 24, 2017
rack-mini-profiler allows remote attackers to obtain sensitive information about allocated strings and objects Moderate
CVE-2016-4442 was published for rack-mini-profiler (RubyGems) Oct 24, 2017
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database