GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
982 advisories
Filter by severity
Exposure of sensitive information to an unauthorized actor for some Intel Unison software may...
Low
Unreviewed
CVE-2022-46646
was published
Nov 14, 2023
Information Disclosure in typo3/cms-install tool
Low
CVE-2023-47126
was published
for
typo3/cms-install
(Composer)
Nov 14, 2023
A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in...
Low
Unreviewed
CVE-2023-47614
was published
Nov 10, 2023
Moodle Exposure of Sensitive Information to an Unauthorized Actor vulnerability
Low
CVE-2023-5551
was published
for
moodle/moodle
(Composer)
Nov 9, 2023
A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in...
Low
Unreviewed
CVE-2023-47616
was published
Nov 9, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.0 before 16...
Low
Unreviewed
CVE-2023-5831
was published
Nov 6, 2023
A vulnerability classified as problematic has been found in Ortus Solutions ColdBox Elixir 3.1.6....
Low
Unreviewed
CVE-2021-4430
was published
Nov 6, 2023
Mattermost Desktop for MacOS fails to utilize the secure keyboard input functionality provided by...
Low
Unreviewed
CVE-2023-5920
was published
Nov 2, 2023
Wagtail vulnerable to disclosure of user names via admin bulk action views
Low
CVE-2023-45809
was published
for
wagtail
(pip)
Oct 19, 2023
vantage6 does not properly delete linked resources when deleting a collaboration
Low
CVE-2023-41881
was published
for
vantage6
(pip)
Oct 16, 2023
Undici's cookie header not cleared on cross-origin redirect in fetch
Low
CVE-2023-45143
was published
for
undici
(npm)
Oct 16, 2023
A vulnerability was found in yhz66 Sandbox 6.1.0. It has been rated as problematic. Affected by...
Low
Unreviewed
CVE-2023-5579
was published
Oct 14, 2023
An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in...
Low
Unreviewed
CVE-2023-37939
was published
Oct 10, 2023
Sensitive information disclosure due to excessive collection of system information. The following...
Low
Unreviewed
CVE-2023-44213
was published
Oct 6, 2023
Exposure of Sensitive Information vulnerability in InboundSmsHandler prior to SMR Sep-2023...
Low
Unreviewed
CVE-2023-30719
was published
Sep 6, 2023
A vulnerability was found in EmpowerID up to 7.205.0.0. It has been rated as problematic. This...
Low
Unreviewed
CVE-2023-4177
was published
Aug 6, 2023
matrix-appservice-irc events can be crafted to leak parts of targeted messages from other bridged rooms
Low
CVE-2023-38700
was published
for
matrix-appservice-irc
(npm)
Aug 4, 2023
Secret displayed without masking by Chef Identity Plugin
Low
CVE-2023-39155
was published
for
org.jenkins-ci.plugins:chef-identity
(Maven)
Jul 26, 2023
Information Disclosure due to Out-of-scope Site Resolution
Low
CVE-2023-38499
was published
for
typo3/cms-core
(Composer)
Jul 25, 2023
A vulnerability has been found in what3words Autosuggest Plugin up to 4.0.0 on WordPress and...
Low
Unreviewed
CVE-2021-4428
was published
Jul 18, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.1 prior to...
Low
Unreviewed
CVE-2023-2620
was published
Jul 13, 2023
Apache Camel information exposure vulnerability
Low
CVE-2023-34442
was published
for
org.apache.camel:camel-jira
(Maven)
Jul 10, 2023
Vaadin vulnerable to possible information disclosure of class and method names in RPC response
Low
CVE-2023-25500
was published
for
com.vaadin:flow-server
(Maven)
Jun 22, 2023
Cilium vulnerable to information leakage via incorrect ReferenceGrant handling
Low
CVE-2023-34242
was published
for
github.com/cilium/cilium
(Go)
Jun 16, 2023
A vulnerability has been found in UJCMS up to 6.0.2 and classified as problematic. This...
Low
Unreviewed
CVE-2023-3231
was published
Jun 14, 2023
ProTip!
Advisories are also available from the
GraphQL API