GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
27 advisories
Filter by severity
Insertion of Sensitive Information into Externally-Accessible File or Directory and Exposure of Sensitive Information to an Unauthorized Actor in hbs
Moderate
CVE-2021-32822
was published
for
hbs
(npm)
Sep 2, 2021
Sendio versions before 8.2.1 were affected by a Local File Inclusion vulnerability that allowed...
High
Unreviewed
CVE-2016-10399
was published
May 17, 2022
Weave GitOps leaked cluster credentials into logs on connection errors
Critical
CVE-2022-31098
was published
for
github.com/weaveworks/weave-gitops
(Go)
Jun 23, 2022
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS...
High
Unreviewed
CVE-2021-40363
was published
Feb 10, 2022
A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified...
Moderate
Unreviewed
CVE-2021-1406
was published
May 24, 2022
In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior,...
High
Unreviewed
CVE-2018-10590
was published
May 13, 2022
Wisetail Learning Ecosystem (LE) through v4.11.6 allows insecure direct object reference (IDOR)...
Moderate
Unreviewed
CVE-2018-16970
was published
May 14, 2022
The existence of a specifically requested local file can be found due to the double firing of the...
Low
Unreviewed
CVE-2017-5387
was published
May 14, 2022
angular-server-side-configuration information disclosure vulnerability in monorepo with node.js backend
Critical
CVE-2023-28444
was published
for
angular-server-side-configuration
(npm)
Mar 24, 2023
A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation...
Moderate
Unreviewed
CVE-2017-9947
was published
May 13, 2022
Apache Thrift Node.js static web server sandbox escape
Moderate
CVE-2018-11798
was published
for
org.apache.thrift:libthrift
(Maven)
Jan 17, 2019
An information exposure vulnerability has been found, the exploitation of which could allow a...
High
Unreviewed
CVE-2023-4595
was published
Nov 23, 2023
Insertion of Sensitive Information into Externally-Accessible File or Directory in Jenkins Credentials Plugin
Moderate
CVE-2019-10320
was published
for
org.jenkins-ci.plugins:credentials
(Maven)
May 24, 2022
A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. It has been classified...
Moderate
Unreviewed
CVE-2024-0191
was published
Jan 2, 2024
Dell Data Protection Search 19.2.0 and above contain an exposed password opportunity in plain...
High
Unreviewed
CVE-2024-22433
was published
Feb 6, 2024
The WP Job Openings WordPress plugin before 3.4.3 does not block listing the contents of the...
Moderate
Unreviewed
CVE-2023-4933
was published
Oct 16, 2023
A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.1 SP1)....
High
Unreviewed
CVE-2024-22045
was published
Mar 12, 2024
cPanel before 70.0.23 exposes Apache HTTP Server logs after creation of certain domains (SEC-406).
Moderate
Unreviewed
CVE-2018-20932
was published
May 24, 2022
A vulnerability in the web server functionality of Cisco Enterprise Network Functions...
Moderate
Unreviewed
CVE-2019-12623
was published
May 24, 2022
Due to an out-of-date dependency in the “Fusion File Manager” component accessible through the...
Moderate
Unreviewed
CVE-2023-4480
was published
Sep 5, 2023
A vulnerability has been identified in SIMATIC PCS neo (Administration Console) V4.0 (All...
Moderate
Unreviewed
CVE-2023-38558
was published
Sep 14, 2023
The Active Directory Integration / LDAP Integration WordPress plugin before 4.1.10 stores...
High
Unreviewed
CVE-2023-5003
was published
Oct 16, 2023
CRI-O vulnerable to /etc/passwd tampering resulting in Privilege Escalation
Moderate
CVE-2022-4318
was published
for
github.com/cri-o/cri-o
(Go)
Dec 29, 2022
An issue was discovered in the installer in Samsung Portable SSD for T5 1.6.10 on Windows....
High
Unreviewed
CVE-2024-31954
was published
May 14, 2024
sanitize-html Information Exposure vulnerability
Moderate
CVE-2024-21501
was published
for
sanitize-html
(npm)
Feb 24, 2024
ProTip!
Advisories are also available from the
GraphQL API