Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
47
GitHub Actions
48
Go
3,378
Maven
5,000+
npm
5,000+
NuGet
881
pip
4,573
Pub
13
RubyGems
1,013
Rust
1,205
Swift
51
Unreviewed advisories
All unreviewed
5,000+

1,102 advisories

Loading
A vulnerability was found in EmpowerID up to 7.205.0.0. It has been rated as problematic. This... Low Unreviewed
CVE-2023-4177 was published Aug 6, 2023
matrix-appservice-irc events can be crafted to leak parts of targeted messages from other bridged rooms Low
CVE-2023-38700 was published for matrix-appservice-irc (npm) Aug 4, 2023
Secret displayed without masking by Chef Identity Plugin Low
CVE-2023-39155 was published for org.jenkins-ci.plugins:chef-identity (Maven) Jul 26, 2023
Information Disclosure due to Out-of-scope Site Resolution Low
CVE-2023-38499 was published for typo3/cms-core (Composer) Jul 25, 2023
fe-hicking Credited to fe-hicking, ohader, and bnf ohader ohader
bnf bnf
A vulnerability has been found in what3words Autosuggest Plugin up to 4.0.0 on WordPress and... Low Unreviewed
CVE-2021-4428 was published Jul 18, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.1 prior to... Low Unreviewed
CVE-2023-2620 was published Jul 13, 2023
Apache Camel information exposure vulnerability Low
CVE-2023-34442 was published for org.apache.camel:camel-jira (Maven) Jul 10, 2023
Vaadin vulnerable to possible information disclosure of class and method names in RPC response Low
CVE-2023-25500 was published for com.vaadin:flow-server (Maven) Jun 22, 2023
Cilium vulnerable to information leakage via incorrect ReferenceGrant handling Low
CVE-2023-34242 was published for github.com/cilium/cilium (Go) Jun 16, 2023
meyskens Credited to meyskens and bayandin bayandin bayandin
A vulnerability has been found in UJCMS up to 6.0.2 and classified as problematic. This... Low Unreviewed
CVE-2023-3231 was published Jun 14, 2023
An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers,... Low Unreviewed
CVE-2023-28322 was published May 26, 2023
Sensitive information disclosure due to insecure registry permissions. The following products are... Low Unreviewed
CVE-2022-45459 was published May 18, 2023
etcd Key name can be accessed via LeaseTimeToLive API Low
CVE-2023-32082 was published for github.com/etcd-io/etcd (Go) May 12, 2023
Filebeat versions through 7.17.9 and 8.6.2 have a flaw in httpjson input that allows the http... Low Unreviewed
CVE-2023-31413 was published May 4, 2023
Eclipse Jetty's cookie parsing of quoted values can exfiltrate values from other cookies Low
CVE-2023-26049 was published for org.eclipse.jetty:jetty-server (Maven) Apr 18, 2023
arxenix Credited to arxenix and jeffalder jeffalder jeffalder
An issue has been discovered in GitLab affecting versions starting from 15.1 before 15.8.5, 15.9... Low Unreviewed
CVE-2023-0838 was published Apr 5, 2023
A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a... Low Unreviewed
CVE-2021-3923 was published Mar 27, 2023
A flaw was found in the Linux Kernel. The tls_is_tx_ready() incorrectly checks for list emptiness... Low Unreviewed
CVE-2023-1075 was published Mar 27, 2023
Juiker app stores debug logs which contains sensitive information to mobile external storage. An... Low Unreviewed
CVE-2022-39043 was published Mar 27, 2023
In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the... Low Unreviewed
CVE-2022-41862 was published Mar 3, 2023
Mattermost fails to honor the ShowEmailAddress setting when constructing a response to the /api... Low Unreviewed
CVE-2023-27266 was published Feb 27, 2023
Signal Desktop before 6.2.0 on Windows, Linux, and macOS allows an attacker to obtain potentially... Low Unreviewed
CVE-2023-24069 was published Jan 23, 2023
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm... Low Unreviewed
CVE-2022-42266 was published Dec 31, 2022
Exposure of Sensitive Information vulnerability in Samsung Settings prior to SMR Dec-2022 Release... Low Unreviewed
CVE-2022-39904 was published Dec 8, 2022
Traefik may display authorization header in the debug logs Low
CVE-2022-23469 was published for github.com/traefik/traefik/v2 (Go) Dec 8, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database