GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
222 advisories
Argo-cd authenticated users can enumerate clusters by name
Moderate | CVE-2024-36106 was published for github.com/argoproj/argo-cd (Go) | Jun 6, 2024
silverstripe/framework may disclose database credentials during connection failure
Moderate | GHSA-m2hh-2m46-x6j5 was published for silverstripe/framework (Composer) | May 28, 2024
Google Sheets data source plugin for Grafana information disclosure vulnerability
Moderate | CVE-2023-4457 was published for github.com/grafana/google-sheets-datasource (Go) | Oct 16, 2023
Path Disclosure within joomla/filesystem class
Moderate | CVE-2022-23794 was published for joomla/filesystem (Composer) | Mar 31, 2022
Apache Tomcat vulnerable to Generation of Error Message Containing Sensitive Information
Moderate | CVE-2024-21733 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) | Jan 19, 2024
Windows TCP/IP Information Disclosure Vulnerability
Moderate | Unreviewed | CVE-2024-21313 was published | Jan 9, 2024
Leakage of stack traces in remote access to backup & restore in earlier versions than ProSyst mBS...
Moderate | Unreviewed | CVE-2019-11602 was published | May 24, 2022
IBM Security Verify Privilege On-Premises 11.5 could allow a remote attacker to obtain sensitive...
Moderate | Unreviewed | CVE-2022-43891 was published | Oct 17, 2023
The Vrm 360 3D Model Viewer WordPress plugin through 1.2.1 exposes the full path of a file when...
Moderate | Unreviewed | CVE-2023-5177 was published | Oct 16, 2023
The Defender Security WordPress plugin before 4.1.0 does not prevent redirects to the login page...
Moderate | Unreviewed | CVE-2023-5089 was published | Oct 16, 2023
A flaw was found in Red Hat's AMQ-Streams, which ships a version of the OKHttp component with an...
Moderate | Unreviewed | CVE-2023-0833 was published | Sep 27, 2023
A vulnerability has been identified in QMS Automotive (All versions < V12.39). The affected...
Moderate | Unreviewed | CVE-2023-40725 was published | Sep 14, 2023
Due to the lack of validation, SAP BusinessObjects Business Intelligence Platform (Version...
Moderate | Unreviewed | CVE-2023-37489 was published | Sep 14, 2023
An information disclosure vulnerability exists in the OAS Engine configuration management...
Moderate | Unreviewed | CVE-2023-35124 was published | Sep 5, 2023
IBM Security Verify Information Queue 10.0.4 and 10.0.5 could allow a remote attacker to obtain...
Moderate | Unreviewed | CVE-2023-33834 was published | Aug 31, 2023
IBM Security Guardium Data Encryption (IBM Guardium Cloud Key Manager (GCKM) 1.10.3)) could allow...
Moderate | Unreviewed | CVE-2023-26272 was published | Aug 28, 2023
e-Excellence U-Office Force generates an error message in website service. An unauthenticated...
Moderate | Unreviewed | CVE-2023-32755 was published | Aug 25, 2023
IBM TRIRIGA 3.0, 4.0, and 4.4 could allow a remote attacker to obtain sensitive information when...
Moderate | Unreviewed | CVE-2020-4868 was published | Jul 31, 2023
IBM MQ 8.0, 9.0, and 9.1 could allow a local user to obtain sensitive credential information when...
Moderate | Unreviewed | CVE-2023-28514 was published | May 19, 2023
In affected versions of Octopus Deploy it is possible to discover network details via error message
Moderate | Unreviewed | CVE-2022-4870 was published | May 18, 2023
IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 could disclose sensitive information in an error...
Moderate | Unreviewed | CVE-2023-27860 was published | Apr 27, 2023
Inappropriate implementation in accessibility in Google Chrome prior to 74.0.3729.108 allowed a...
Moderate | Unreviewed | CVE-2020-6503 was published | May 24, 2022
A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2 and 3.5.x before 3.5.4, when ...
Moderate | Unreviewed | CVE-2019-19342 was published | May 24, 2022
Pydio Cells before 1.5.0, when supplied with a Name field in an unexpected Unicode format, fails...
Moderate | Unreviewed | CVE-2019-12903 was published | May 24, 2022
PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x...
Moderate | Unreviewed | CVE-2014-8161 was published | May 17, 2022