GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
988 advisories
A vulnerability was found in EmpowerID up to 7.205.0.0. It has been rated as problematic. This...
Low | Unreviewed | CVE-2023-4177 was published Aug 6, 2023

matrix-appservice-irc events can be crafted to leak parts of targeted messages from other bridged rooms
Low | CVE-2023-38700 was published for matrix-appservice-irc (npm) Aug 4, 2023

Secret displayed without masking by Chef Identity Plugin
Low | CVE-2023-39155 was published for org.jenkins-ci.plugins:chef-identity (Maven) Jul 26, 2023

Information Disclosure due to Out-of-scope Site Resolution
Low | CVE-2023-38499 was published for typo3/cms-core (Composer) Jul 25, 2023

A vulnerability has been found in what3words Autosuggest Plugin up to 4.0.0 on WordPress and...
Low | Unreviewed | CVE-2021-4428 was published Jul 18, 2023

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.1 prior to...
Low | Unreviewed | CVE-2023-2620 was published Jul 13, 2023

Apache Camel information exposure vulnerability
Low | CVE-2023-34442 was published for org.apache.camel:camel-jira (Maven) Jul 10, 2023

Vaadin vulnerable to possible information disclosure of class and method names in RPC response
Low | CVE-2023-25500 was published for com.vaadin:flow-server (Maven) Jun 22, 2023

Cilium vulnerable to information leakage via incorrect ReferenceGrant handling
Low | CVE-2023-34242 was published for github.com/cilium/cilium (Go) Jun 16, 2023

A vulnerability has been found in UJCMS up to 6.0.2 and classified as problematic. This...
Low | Unreviewed | CVE-2023-3231 was published Jun 14, 2023

An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers,...
Low | Unreviewed | CVE-2023-28322 was published May 26, 2023

Sensitive information disclosure due to insecure registry permissions. The following products are...
Low | Unreviewed | CVE-2022-45459 was published May 18, 2023

etcd Key name can be accessed via LeaseTimeToLive API
Low | CVE-2023-32082 was published for github.com/etcd-io/etcd (Go) May 12, 2023

Filebeat versions through 7.17.9 and 8.6.2 have a flaw in httpjson input that allows the http...
Low | Unreviewed | CVE-2023-31413 was published May 4, 2023

Eclipse Jetty's cookie parsing of quoted values can exfiltrate values from other cookies
Low | CVE-2023-26049 was published for org.eclipse.jetty:jetty-server (Maven) Apr 18, 2023

Juiker app stores debug logs which contains sensitive information to mobile external storage. An...
Low | Unreviewed | CVE-2022-39043 was published Mar 27, 2023

In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the...
Low | Unreviewed | CVE-2022-41862 was published Mar 3, 2023

Mattermost fails to honor the ShowEmailAddress setting when constructing a response to the /api...
Low | Unreviewed | CVE-2023-27266 was published Feb 27, 2023

Signal Desktop before 6.2.0 on Windows, Linux, and macOS allows an attacker to obtain potentially...
Low | Unreviewed | CVE-2023-24069 was published Jan 23, 2023

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm...
Low | Unreviewed | CVE-2022-42266 was published Dec 31, 2022

Exposure of Sensitive Information vulnerability in Samsung Settings prior to SMR Dec-2022 Release...
Low | Unreviewed | CVE-2022-39904 was published Dec 8, 2022

Traefik may display authorization header in the debug logs
Low | CVE-2022-23469 was published for github.com/traefik/traefik/v2 (Go) Dec 8, 2022

Temporary File Information Disclosure vulnerability in MPXJ
Low | CVE-2022-41954 was published for mpxj (Maven) Nov 28, 2022

Tailscale daemon is vulnerable to information disclosure via CSRF
Low | CVE-2022-41925 was published for tailscale.com/cmd (Go) Nov 21, 2022

Container build can leak any path on the host into the container
Low | GHSA-vp35-85q5-9f25 was published for github.com/docker/docker (Go) Nov 11, 2022
ProTip! Advisories are also available from the GraphQL API.