GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
306 advisories
Filter by severity
Eclipse Jetty Server generates error message containing sensitive information
Moderate
CVE-2018-12536
was published
for
org.eclipse.jetty:jetty-server
(Maven)
Oct 19, 2018
Critical severity vulnerability that affects Auth0-WCF-Service-JWT
Critical
CVE-2019-7644
was published
for
Auth0-WCF-Service-JWT
(NuGet)
Apr 18, 2019
Sensitive Data Exposure in parse-server
Moderate
CVE-2019-1020013
was published
for
parse-server
(npm)
Jul 11, 2019
Internal exception message exposure for login action in Sylius
Low
CVE-2019-16768
was published
for
sylius/sylius
(Composer)
Dec 5, 2019
Exceptions displayed in non-debug configurations in Symfony
Moderate
CVE-2020-5274
was published
for
symfony/error-handler
(Composer)
Mar 30, 2020
Authorization header is not sanitized in an error object in auth0
High
CVE-2020-15125
was published
for
auth0
(npm)
Jul 29, 2020
Reset Password / Login vulnerability in Sulu
Moderate
CVE-2020-15132
was published
for
sulu/sulu
(Composer)
Aug 5, 2020
Information Exposure in type-graphql
Low
GHSA-xf64-2f9p-6pqq
was published
for
type-graphql
(npm)
Sep 4, 2020
Potential sensitive information disclosed in error reports
Low
CVE-2021-21416
was published
for
django-registration
(pip)
Apr 6, 2021
ApiKey secret could be revelated on network issue
High
CVE-2021-21421
was published
for
node-etsy-client
(npm)
Apr 6, 2021
Exposure of class information in RESTEasy
Moderate
CVE-2021-20289
was published
for
org.jboss.resteasy:resteasy-core
(Maven)
Apr 7, 2021
Action Pack contains Information Disclosure / Unintended Method Execution vulnerability
High
CVE-2021-22885
was published
for
actionpack
(RubyGems)
May 5, 2021
Information leakage in Error Handler
Moderate
GHSA-9vxv-wpv4-f52p
was published
for
shopware/shopware
(Composer)
May 21, 2021
Generation of Error Message Containing Sensitive Information in RESTEasy client
Moderate
CVE-2020-25633
was published
for
org.jboss.resteasy:resteasy-client
(Maven)
Jun 3, 2021
Exposure of Sensitive Information to an Unauthorized Actor
Moderate
CVE-2021-32712
was published
for
shopware/shopware
(Composer)
Sep 8, 2021
IBM Tivoli Key Lifecycle Manager (IBM Security Guardium Key Lifecycle Manager) 3.0, 3.0.1, 4.0,...
Moderate
Unreviewed
CVE-2021-38980
was published
Nov 24, 2021
Using XMLHttpRequest, an attacker could have identified installed applications by probing error...
Moderate
Unreviewed
CVE-2021-43542
was published
Dec 9, 2021
An issue was discovered in /goform/login_process in Reprise RLM 14.2. When an attacker attempts...
Moderate
Unreviewed
CVE-2021-44155
was published
Dec 14, 2021
livehelperchat is vulnerable to Generation of Error Message Containing Sensitive Information
Moderate
Unreviewed
CVE-2021-4177
was published
Dec 29, 2021
showdoc is vulnerable to Generation of Error Message Containing Sensitive Information
Moderate
CVE-2022-0079
was published
for
showdoc/showdoc
(Composer)
Jan 6, 2022
IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 could allow a remote attacker to obtain...
Moderate
Unreviewed
CVE-2021-38894
was published
Jan 11, 2022
A Generation of Error Message Containing Sensitive Information vulnerability in the CLI of...
High
Unreviewed
CVE-2022-22162
was published
Jan 20, 2022
User enumeration in livehelperchat
Moderate
CVE-2022-0083
was published
for
remdex/livehelperchat
(Composer)
Jan 21, 2022
Hitachi Energy LinkOne product, has a vulnerability due to a web server misconfiguration, that...
Moderate
Unreviewed
CVE-2021-40338
was published
Jan 29, 2022
ProTip!
Advisories are also available from the
GraphQL API