Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

991 advisories

Loading
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WP Engine Advanced... Low Unreviewed
CVE-2022-40696 was published Jan 9, 2024
Unauthenticated db-file-storage views Low
CVE-2023-50263 was published for nautobot (pip) Dec 13, 2023
Kircheneer
Brute force exploit can be used to collect valid usernames Low
CVE-2023-49278 was published for Umbraco.CMS (NuGet) Dec 13, 2023
SMTP misconfiguration leading to "Forgot Password" exploit that leaks registered user email. Low
CVE-2023-49274 was published for Umbraco.CMS (NuGet) Dec 13, 2023
emmagarland
Mattermost fails to perform correct authorization checks when creating a playbook action,... Low Unreviewed
CVE-2023-6727 was published Dec 12, 2023
A vulnerability, which was classified as problematic, has been found in Typecho 1.2.1. Affected... Low Unreviewed
CVE-2023-6615 was published Dec 8, 2023
Sensitive data exposure in Webconf in Tribe29 Checkmk Appliance before 1.6.8 allows local... Low Unreviewed
CVE-2023-6287 was published Nov 27, 2023
IBM QRadar WinCollect Agent 10.0 through 10.1.7 could allow a privileged user to obtain... Low Unreviewed
CVE-2021-39008 was published Nov 24, 2023
Apache Storm Local Information Disclosure Vulnerability in Storm-core on Unix-Like systems due temporary files Low
CVE-2023-43123 was published for org.apache.storm:storm-core (Maven) Nov 23, 2023
MarkLee131
Exposure of Sensitive Information in Elastic APM .NET Agent Low
CVE-2021-22143 was published for Elastic.Apm (NuGet) Nov 22, 2023
MarkLee131
Exposure of sensitive information to an unauthorized actor in some Intel(R) Aptio* V UEFI... Low Unreviewed
CVE-2023-28723 was published Nov 14, 2023
Exposure of sensitive information to an unauthorized actor for some Intel Unison software may... Low Unreviewed
CVE-2022-46646 was published Nov 14, 2023
Information Disclosure in typo3/cms-install tool Low
CVE-2023-47126 was published for typo3/cms-install (Composer) Nov 14, 2023
liayn
A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in... Low Unreviewed
CVE-2023-47614 was published Nov 10, 2023
Moodle Exposure of Sensitive Information to an Unauthorized Actor vulnerability Low
CVE-2023-5551 was published for moodle/moodle (Composer) Nov 9, 2023
A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in... Low Unreviewed
CVE-2023-47616 was published Nov 9, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.0 before 16... Low Unreviewed
CVE-2023-5831 was published Nov 6, 2023
A vulnerability classified as problematic has been found in Ortus Solutions ColdBox Elixir 3.1.6.... Low Unreviewed
CVE-2021-4430 was published Nov 6, 2023
Mattermost Desktop for MacOS fails to utilize the secure keyboard input functionality provided by... Low Unreviewed
CVE-2023-5920 was published Nov 2, 2023
Wagtail vulnerable to disclosure of user names via admin bulk action views Low
CVE-2023-45809 was published for wagtail (pip) Oct 19, 2023
quyenheu
vantage6 does not properly delete linked resources when deleting a collaboration Low
CVE-2023-41881 was published for vantage6 (pip) Oct 16, 2023
Undici's cookie header not cleared on cross-origin redirect in fetch Low
CVE-2023-45143 was published for undici (npm) Oct 16, 2023
ranjit-git KhafraDev
mcollina
A vulnerability was found in yhz66 Sandbox 6.1.0. It has been rated as problematic. Affected by... Low Unreviewed
CVE-2023-5579 was published Oct 14, 2023
An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in... Low Unreviewed
CVE-2023-37939 was published Oct 10, 2023
Sensitive information disclosure due to excessive collection of system information. The following... Low Unreviewed
CVE-2023-44213 was published Oct 6, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database