Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

232 advisories

Loading
An information disclosure vulnerability exists in the OAS Engine configuration management... Moderate Unreviewed
CVE-2023-35124 was published Sep 5, 2023
IBM Security Verify Information Queue 10.0.4 and 10.0.5 could allow a remote attacker to obtain... Moderate Unreviewed
CVE-2023-33834 was published Aug 31, 2023
IBM Security Guardium Data Encryption (IBM Guardium Cloud Key Manager (GCKM) 1.10.3)) could allow... Moderate Unreviewed
CVE-2023-26272 was published Aug 28, 2023
e-Excellence U-Office Force generates an error message in webiste service. An unauthenticated... Moderate Unreviewed
CVE-2023-32755 was published Aug 25, 2023
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 could allow a remote attacker to obtain system... Moderate Unreviewed
CVE-2023-35009 was published Aug 17, 2023
Jenkins Folders Plugin information disclosure vulnerability Moderate
CVE-2023-40338 was published for org.jenkins-ci.plugins:cloudbees-folder (Maven) Aug 16, 2023
An issue has been discovered in GitLab affecting all versions starting from 12.9 before 16.0.8,... Moderate Unreviewed
CVE-2023-1210 was published Aug 2, 2023
Brocade Fabric OS before Brocade Fabric OS v9.1.1c, v9.2.0 contains a vulnerability when using... Moderate Unreviewed
CVE-2023-31429 was published Aug 1, 2023
IBM TRIRIGA 3.0, 4.0, and 4.4 could allow a remote attacker to obtain sensitive information when... Moderate Unreviewed
CVE-2020-4868 was published Jul 31, 2023
An information disclosure issue in GitLab CE/EE affecting all versions from 16.0 prior to 16.0.6,... Moderate Unreviewed
CVE-2023-3362 was published Jul 13, 2023
Flask-AppBuilder vulnerable to possible disclosure of sensitive information on user error Moderate
CVE-2023-34110 was published for Flask-AppBuilder (pip) Jun 22, 2023
msegoviag
IBM MQ 8.0, 9.0, and 9.1 could allow a local user to obtain sensitive credential information when... Moderate Unreviewed
CVE-2023-28514 was published May 19, 2023
In affected versions of Octopus Deploy it is possible to discover network details via error message Moderate Unreviewed
CVE-2022-4870 was published May 18, 2023
In registerPhoneAccount of PhoneAccountRegistrar.java, uncaught exceptions in parsing persisted... Moderate Unreviewed
CVE-2023-21103 was published May 16, 2023
Exposure of Sensitive Information in OPC UA .NET Standard Reference Server Moderate
CVE-2023-31048 was published for OPCFoundation.NetStandard.Opc.Ua.Core (NuGet) May 5, 2023
IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 could disclose sensitive information in an error... Moderate Unreviewed
CVE-2023-27860 was published Apr 27, 2023
User account enumeration in Serenity Moderate
CVE-2023-31286 was published for Serenity.Net.Core (NuGet) Apr 27, 2023
Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.0 and 9.3.0.2,... Moderate Unreviewed
CVE-2022-4769 was published Apr 3, 2023
Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.0 and 9.3.0.2,... Moderate Unreviewed
CVE-2022-4770 was published Apr 3, 2023
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 could allow an... Moderate Unreviewed
CVE-2023-25687 was published Mar 21, 2023
Sensitive Information in Error Messages in Apache Airflow Moderate
CVE-2023-25695 was published for apache-airflow (pip) Mar 15, 2023
Saleor has Staff-Authenticated Error Message Information Disclosure Vulnerability via Python Exceptions Moderate
CVE-2023-26051 was published for Saleor (pip) Mar 3, 2023
SonicWall Email Security contains a vulnerability that could permit a remote unauthenticated... Moderate Unreviewed
CVE-2023-0655 was published Feb 14, 2023
Wyse Management Suite Repository 3.8 and below contain an information disclosure vulnerability. A... Moderate Unreviewed
CVE-2022-46675 was published Feb 11, 2023
Alotcer - AR7088H-A firmware version 16.10.3 Information disclosure. Unspecified error message... Moderate Unreviewed
CVE-2022-46371 was published Jan 12, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database