Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,826
Erlang
36
GitHub Actions
32
Go
2,426
Maven
5,000+
npm
4,058
NuGet
723
pip
3,848
Pub
12
RubyGems
934
Rust
1,006
Swift
38
Unreviewed advisories
All unreviewed
5,000+

395 advisories

Loading
An issue has been discovered in GitLab affecting all versions starting with 7.1. A member of a... Low Unreviewed
CVE-2021-22193 was published May 24, 2022
Inappropriate implementation in accessibility in Google Chrome prior to 74.0.3729.108 allowed a... Moderate Unreviewed
CVE-2020-6503 was published May 24, 2022
A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2 and 3.5.x before 3.5.4, when ... Moderate Unreviewed
CVE-2019-19342 was published May 24, 2022
Pydio Cells before 1.5.0, when supplied with a Name field in an unexpected Unicode format, fails... Moderate Unreviewed
CVE-2019-12903 was published May 24, 2022
PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x... Moderate Unreviewed
CVE-2014-8161 was published May 17, 2022
The Mijosoft MijoSearch component 2.0.1 and earlier for Joomla! allows remote attackers to obtain... Moderate Unreviewed
CVE-2013-6879 was published May 5, 2022
An issue was discovered in SmartClient 12.0. If an unauthenticated attacker makes a POST request... Moderate Unreviewed
CVE-2020-9351 was published May 24, 2022
IBM Security Verify Directory 10.0.0 could allow a remote attacker to obtain sensitive... Low Unreviewed
CVE-2022-32756 was published Mar 22, 2024
** DISPUTED ** A full path disclosure vulnerability was discovered in Matomo v3.9.1 where a user... Moderate Unreviewed
CVE-2019-12215 was published May 24, 2022
FrameworkUserBundle Generates Error Message Containing Sensitive Information High
CVE-2015-10012 was published for sumocoders/framework-user-bundle (Composer) Jan 3, 2023
A vulnerability was found in Nway Pro 9. It has been rated as problematic. Affected by this issue... Moderate Unreviewed
CVE-2024-2009 was published Feb 29, 2024
An email address enumeration vulnerability exists in the password reset function of SEO Panel... Moderate Unreviewed
CVE-2024-22646 was published Jan 30, 2024
Exceptions displayed in non-debug configurations in Symfony Moderate
CVE-2020-5274 was published for symfony/error-handler (Composer) Mar 30, 2020
yceruto jderusse
LukaSikic
@backstage/backend-app-api leaks GitLab access tokens High
CVE-2023-6944 was published for @backstage/backend-app-api (npm) Jan 4, 2024
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product... Moderate Unreviewed
CVE-2024-21866 was published Feb 2, 2024
In Johnson Controls Metasys System Versions 8.0 and prior and BCPro (BCM) all versions prior to 3... Moderate Unreviewed
CVE-2018-10624 was published May 13, 2022
A Missing Authentication for Critical Function vulnerability combined with a Generation of Error... Moderate Unreviewed
CVE-2024-21619 was published Jan 26, 2024
Generation of Error Message Containing Sensitive Information vulnerability in Hitachi Device... Moderate Unreviewed
CVE-2023-49107 was published Jan 16, 2024
HCL Launch could allow a remote attacker to obtain sensitive information when a detailed... Moderate Unreviewed
CVE-2023-45701 was published Dec 28, 2023
ONTAP Mediator versions prior to 1.7 are susceptible to a vulnerability that can allow an... Moderate Unreviewed
CVE-2023-27319 was published Dec 22, 2023
IBM Security Guardium Key Lifecycle Manager 4.3 could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2023-47703 was published Dec 20, 2023
IBM UrbanCode Deploy (UCD) 7.1 through 7.1.2.14, 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2... Moderate Unreviewed
CVE-2023-42013 was published Dec 20, 2023
Due to improper error handling, a REST API resource could expose a server side error containing... Moderate Unreviewed
CVE-2023-6839 was published Dec 15, 2023
Kaifa Technology WebITR is an online attendance system. A remote attacker with regular user... Moderate Unreviewed
CVE-2023-48393 was published Dec 15, 2023
IBM System Storage Virtualization Engine TS7700 3957-VEC, 3948-VED and 3957-VEC could allow a... Moderate Unreviewed
CVE-2023-49878 was published Dec 13, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database