GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,090
Erlang: 29
GitHub Actions: 19
Go: 1,915
Maven: 5,000+
npm: 3,646
NuGet: 638
pip: 3,262
Pub: 10
RubyGems: 870
Rust: 821
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
285 advisories
The Custom Post Limits plugin for WordPress is vulnerable to full path disclosure in all versions...
Moderate • Unreviewed • CVE-2024-6544 was published Sep 13, 2024

The Remember Me Controls plugin for WordPress is vulnerable to Full Path Disclosure in all...
Moderate • Unreviewed • CVE-2024-7415 was published Sep 6, 2024

The Community by PeepSo – Social Network, Membership, Registration, User Profiles plugin for...
Moderate • Unreviewed • CVE-2024-7426 was published Sep 25, 2024

The Statutory Reporting application has a vulnerable file storage location, potentially enabling...
Moderate • Unreviewed • CVE-2023-42475 was published Oct 10, 2023

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to an...
Moderate • Unreviewed • CVE-2023-47152 was published Jan 22, 2024

SAP Business One (B1i) - version 10.0, allows an authorized attacker to retrieve the details...
Moderate • Unreviewed • CVE-2023-41365 was published Oct 10, 2023

Flask-AppBuilder vulnerable to possible disclosure of sensitive information on user error
Low • CVE-2023-34110 was published for Flask-AppBuilder (pip) Jun 22, 2023

Brocade Fabric OS before Brocade Fabric OS v9.1.1c, v9.2.0 contains a vulnerability when using...
Moderate • Unreviewed • CVE-2023-31429 was published Aug 1, 2023

Umbraco CMS vulnerable to Generation of Error Message Containing Sensitive Information
Moderate • CVE-2024-43376 was published for Umbraco.Cms.Api.Management (NuGet) Aug 20, 2024

Potential sensitive information disclosed in error reports
Low • CVE-2021-21416 was published for django-registration (pip) Apr 6, 2021

An issue has been discovered in GitLab EE/CE affecting all versions starting from 15...
Moderate • Unreviewed • CVE-2024-5435 was published Sep 12, 2024

Sensitive Information in Error Messages in Apache Airflow
Moderate • CVE-2023-25695 was published for apache-airflow (pip) Mar 15, 2023

Ansible discloses sensitive information in traceback error message
Moderate • CVE-2021-3620 was published for ansible (pip) Mar 4, 2022

A vulnerability was found in erjemin roll_cms up to 1484fe2c4e0805946a7bcf46218509fcb34883a9. It...
Moderate • Unreviewed • CVE-2024-8571 was published Sep 8, 2024

A Fault Injection vulnerability in the SymmetricDecrypt function in cryptopp/elgamal.h of...
Critical • Unreviewed • CVE-2024-28285 was published May 14, 2024

CKAN may leak Solr credentials via error message in package_search action
Moderate • CVE-2024-41674 was published for ckan (pip) Aug 21, 2024

IBM QRadar Suite Software 1.10.12.0 through 1.10.22.0 and IBM Cloud Pak for Security 1.10.0.0...
Moderate • Unreviewed • CVE-2023-47728 was published Aug 16, 2024

Path traversal allows leaking out-of-bound files from Argo CD repo-server
Moderate • CVE-2022-24731 was published for github.com/argoproj/argo-cd (Go) Mar 24, 2022

Juju's unprivileged user running on charm node can leak any secret or relation data accessible to the local charm
High • GHSA-6vjm-54vp-mxhx was published for github.com/juju/juju (Go) Aug 5, 2024

Grafana User enumeration via forget password
Moderate • CVE-2022-39307 was published for github.com/grafana/grafana (Go) May 14, 2024

IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive...
Moderate • Unreviewed • CVE-2024-39751 was published Aug 6, 2024

Duplicate Advisory: Juju leaks of the sensitive context ID
High • GHSA-8c64-q78q-87r6 was published for github.com/juju/juju (Go) Jul 29, 2024 • withdrawn

A verbose error handling issue in the proxy service implemented in the GravityZone Update Server...
Critical • Unreviewed • CVE-2024-6980 was published Jul 31, 2024

In versions of Akana API Platform prior to 2024.1.0 overly verbose errors can be found in SAML...
Low • Unreviewed • CVE-2024-5250 was published Jul 30, 2024

An issue was discovered in Italtel Embrace 1.6.4. The server does not properly handle application...
Moderate • Unreviewed • CVE-2024-31844 was published May 21, 2024
ProTip! Advisories are also available from the GraphQL API.