Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

7 advisories

Loading
Aimeos HTML client may potentially reveal sensitive information in error log High
CVE-2024-38516 was published for aimeos/ai-client-html (Composer) Jun 25, 2024
ssshah2131
Admin cookies are written in clear-text in logs. An attacker can retrieve them and bypass the... Moderate Unreviewed
CVE-2024-27179 was published Jun 14, 2024
C300 information leak due to an analysis feature which allows extracting more memory over the... High Unreviewed
CVE-2023-5392 was published Apr 11, 2024
Dell BSAFE SSL-J, versions prior to 6.5, and versions 7.0 and 7.1 contain a debug message... Moderate Unreviewed
CVE-2023-28077 was published Feb 10, 2024
Vaadin vulnerable to possible information disclosure of class and method names in RPC response Low
CVE-2023-25500 was published for com.vaadin:flow-server (Maven) Jun 22, 2023
Dell BSAFE SSL-J when used in debug mode can reveal unnecessary information. An attacker could... Moderate Unreviewed
CVE-2022-34364 was published Feb 10, 2023
Possible route enumeration in production mode via RouteNotFoundError view in Vaadin 10, 11-14, and 15-19 Moderate
CVE-2021-31412 was published for com.vaadin:vaadin-bom (Maven) Jun 28, 2021
ProTip! Advisories are also available from the GraphQL API