GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
20,135 advisories
OpenStack Keystone token expiration issues
Moderate | CVE-2012-3426 was published for Keystone (pip) | May 17, 2022

OpenStack Keystone Allows Remote User Account Creation
High | CVE-2012-3542 was published for keystone (pip) | May 17, 2022

Beaker Sensitive Information Disclosure vulnerability
Moderate | CVE-2012-3458 was published for beaker (pip) | May 17, 2022

Silverstripe XSS Vulnerabilities
Moderate | CVE-2012-4968 was published for silverstripe/framework (Composer) | May 17, 2022

Silverstripe CMS Arbitrary Code Execution
Moderate | CVE-2011-4962 was published for silverstripe/cms (Composer) | May 17, 2022

Unescaped parameters in the PostgreSQL JDBC driver
High | CVE-2012-1618 was published for org.postgresql:postgresql (Maven) | May 17, 2022

Apache Libcloud vulnerable to certificate impersonation
Moderate | CVE-2012-3446 was published for apache-libcloud (pip) | May 17, 2022

Improper Access Control in JBoss mod_cluster
Moderate | CVE-2012-1154 was published for org.jboss.mod_cluster:mod_cluster (Maven) | May 17, 2022

Python Keyring does not securely initialize encryption cipher
High | CVE-2012-4571 was published for keyring (pip) | May 17, 2022

Improper Control of Generation of Code in Spring Security
Moderate | CVE-2011-2732 was published for org.springframework.security:spring-security-core (Maven) | May 17, 2022

Symfony Access Control Vulnerability
Moderate | CVE-2012-6432 was published for symfony/symfony (Composer) | May 17, 2022

Exposure of Sensitive Information to an Unauthorized Actor in Spring Security
Moderate | CVE-2012-5055 was published for org.springframework.security:spring-security-core (Maven) | May 17, 2022

MoinMoin Directory Traversal vulnerability
Moderate | CVE-2012-6080 was published for moin (pip) | May 17, 2022

MoinMoin Multiple vulnerable to directory traversal
Moderate | CVE-2012-6495 was published for Moin (pip) | May 17, 2022

Symfony Allows URI Restrictions Bypass Via Double-Encoded String
Moderate | CVE-2012-6431 was published for symfony/http-foundation (Composer) | May 17, 2022

MoinMoin Cross-site scripting (XSS) vulnerability
Moderate | CVE-2012-6082 was published for moin (pip) | May 17, 2022

User confusion in IronJacamar
Moderate | CVE-2012-3428 was published for org.jboss.ironjacamar:ironjacamar-jdbc (Maven) | May 17, 2022

phpMyAdmin multiple cross-site scripting vulnerabilities
Low | CVE-2012-5339 was published for phpmyadmin/phpmyadmin (Composer) | May 17, 2022

phpMyAdmin Unsafe Fetching of Javascript Code
Moderate | CVE-2012-5368 was published for phpmyadmin/phpmyadmin (Composer) | May 17, 2022

Apache Axis2 Vulnerable to XML Signature wrapping attack
Moderate | CVE-2012-4418 was published for org.apache.axis2:axis2 (Maven) | May 17, 2022

OpenStack Nova Information leak in libvirt LVM-backed instances
Moderate | CVE-2012-5625 was published for nova (pip) | May 17, 2022

Zend Framework XEE Vulnerability
Moderate | CVE-2012-6531 was published for zendframework/zendframework1 (Composer) | May 17, 2022

spree_auth_devise allows remote authenticated users to assign themselves arbitrary roles
Moderate | CVE-2013-2506 was published for spree_auth_devise (RubyGems) | May 17, 2022

Improper Authentication in Apache Qpid
Moderate | CVE-2012-4446 was published for org.apache.qpid:qpid-client (Maven) | May 17, 2022

Katello uses hard coded credential
Critical | CVE-2012-3503 was published for katello (RubyGems) | May 17, 2022

ProTip! Advisories are also available from the GraphQL API