Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
41
Go
3,026
Maven
5,000+
npm
4,763
NuGet
824
pip
4,366
Pub
12
RubyGems
987
Rust
1,143
Swift
50
Unreviewed advisories
All unreviewed
5,000+

30 advisories

Loading
nsupdate.info has Sensitive Cookie Without 'HttpOnly' Flag Moderate
CVE-2019-25091 was published for nsupdate (pip) Dec 28, 2022
Sensitive Cookie Without 'HttpOnly' Flag in GitHub repository lirantal/daloradius prior to master. Moderate Unreviewed
CVE-2022-4630 was published Dec 21, 2022
In PEPPERL+FUCHS WirelessHART-Gateway 3.0.8 and 3.0.9 the HttpOnly attribute is not set on a... Low Unreviewed
CVE-2021-34563 was published May 24, 2022
Apache Tomcat has cookies without HTTPOnly flag in Set-Cookie header Moderate
CVE-2010-4312 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
An information disclosure vulnerability exists in the web interface session cookie functionality... Moderate Unreviewed
CVE-2022-25172 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database