Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,644 advisories

Loading
An External XML Entity (XXE) vulnerability in the provisioning web service of Ivanti EPM before... High Unreviewed
CVE-2024-37397 was published Sep 12, 2024
Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: Web... High Unreviewed
CVE-2023-22019 was published Oct 18, 2023
Django Channels leakage of session identifiers using legacy AsgiHandler High
CVE-2020-35681 was published for channels (pip) Mar 19, 2021
Apache Atlas produces Stack trace in error response High
CVE-2017-3154 was published for org.apache.atlas:atlas-common (Maven) May 17, 2022
Tina search token leak via lock file in TinaCMS High
CVE-2024-45391 was published for @tinacms/cli (npm) Sep 3, 2024
kldavis4 mattsbennett
The zanllp sd-webui-infinite-image-browsing (aka Infinite Image Browsing) extension before... High Unreviewed
CVE-2023-46315 was published Oct 23, 2023
Exposure of sensitive information due to incompatible policies issue exists in Pgpool-II. If a... High Unreviewed
CVE-2024-45624 was published Sep 12, 2024
An issue in Anglaise Company Anglaise.Company v.13.6.1 allows a remote attacker to obtain... High Unreviewed
CVE-2023-38845 was published Oct 26, 2023
An issue in Marbre Lapin Line v.13.6.1 allows a remote attacker to obtain sensitive information... High Unreviewed
CVE-2023-38846 was published Oct 26, 2023
An issue in CHRISTINA JAPAN Line v.13.6.1 allows a remote attacker to obtain sensitive... High Unreviewed
CVE-2023-38847 was published Oct 26, 2023
The leakage of the client secret in Fukunaga_memberscard Line 13.6.1 allows attackers to obtain... High Unreviewed
CVE-2023-39736 was published Oct 25, 2023
The leakage of the client secret in Uomasa_Saiji_news Line 13.6.1 allows attackers to obtain the... High Unreviewed
CVE-2023-39735 was published Oct 25, 2023
The leakage of the client secret in Matsuya Line 13.6.1 allows attackers to obtain the channel... High Unreviewed
CVE-2023-39737 was published Oct 25, 2023
The leakage of the client secret in REGINA SWEETS&BAKERY Line 13.6.1 allows attackers to obtain... High Unreviewed
CVE-2023-39739 was published Oct 25, 2023
Apache Airflow Execution with Unnecessary Privileges High
CVE-2023-39508 was published for apache-airflow (pip) Aug 5, 2023
Apache Airflow denial of service vulnerability High
CVE-2023-37379 was published for apache-airflow (pip) Aug 23, 2023
An issue in tire-sales Line v.13.6.1 allows a remote attacker to obtain sensitive information via... High Unreviewed
CVE-2023-38849 was published Oct 26, 2023
Apache Airflow subject to Exposure of Sensitive Information High
CVE-2022-27949 was published for apache-airflow (pip) Nov 14, 2022
sunSUNQ
Loftware Spectrum through 4.6 exposes Sensitive Information (Logs) to an Unauthorized Actor. High Unreviewed
CVE-2023-37232 was published Sep 10, 2024
An issue was discovered on Mitsubishi Electric ME-RTU devices through 2.02 and INEA ME-RTU... High Unreviewed
CVE-2019-14927 was published May 24, 2022
D-Link DIR-823G v1.0.2B05_20181207 is vulnerable to Information Disclosure. The device allows... High Unreviewed
CVE-2024-44408 was published Sep 6, 2024
An information disclosure vulnerability in the component users-grid-data.php of Ocomon before v4... High Unreviewed
CVE-2023-33558 was published Oct 26, 2023
Tencent tdsqlpcloud through 1.8.5 allows unauthenticated remote attackers to discover database... High Unreviewed
CVE-2023-52286 was published Dec 31, 2023
Ansible Exposes Sensitive Information High
CVE-2021-20228 was published for ansible (pip) May 25, 2022
Best Practical Request Tracker (RT) 5 before 5.0.5 allows Information Disclosure via a... High Unreviewed
CVE-2023-45024 was published Nov 3, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database