Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

12 advisories

Loading
IBM InfoSphere Information Server 11.7 returns sensitive information in URL information that... Moderate Unreviewed
CVE-2023-50954 was published Jun 30, 2024
dectalk-tts Uses Unencrypted HTTP Request High
CVE-2024-31206 was published for dectalk-tts (npm) Apr 4, 2024
AverageHelper JstnMcBrd
Rapid7's InsightVM maintenance mode login page suffers from a sensitive information exposure... Low Unreviewed
CVE-2024-2745 was published Apr 2, 2024
IBM Maximo Application Suite 8.10, 8.11 and IBM Maximo Asset Management 7.6.1.3 stores sensitive... Low Unreviewed
CVE-2023-32335 was published Mar 13, 2024
Session Token in URL in directus Low
CVE-2024-28238 was published for directus (npm) Mar 12, 2024
IBM PowerSC 1.3, 2.0, and 2.1 may allow a remote attacker to view session identifiers passed via... Low Unreviewed
CVE-2023-50328 was published Feb 2, 2024
Ray Missing Authorization vulnerability Critical
CVE-2023-6020 was published for ray (pip) Nov 16, 2023
MLflow authentication requirement bypass can allow a user to arbitrarily create an account Critical
CVE-2023-6014 was published for mlflow (pip) Nov 16, 2023
MarkLee131 yoshizawa-masatoshi
A use of GET request method with sensitive query strings vulnerability in Fortinet FortiOS 7.0.0 ... High Unreviewed
CVE-2023-37935 was published Oct 10, 2023
NVIDIA Omniverse Workstation Launcher for Windows and Linux contains a vulnerability in the... Moderate Unreviewed
CVE-2023-25524 was published Aug 3, 2023
Dell PowerScale OneFS versions 8.2.2 - 9.1.0.x contain a use of get request method with sensitive... Moderate Unreviewed
CVE-2021-21594 was published May 24, 2022
Dell EMC Streaming Data Platform versions before 1.3 contain a SQL Injection Vulnerability. A... High Unreviewed
CVE-2021-36328 was published Dec 1, 2021
ProTip! Advisories are also available from the GraphQL API