GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
16 advisories
Filter by severity
Insertion of Sensitive Information into Externally-Accessible File or Directory and Exposure of Sensitive Information to an Unauthorized Actor in hbs
Moderate
CVE-2021-32822
was published
for
hbs
(npm)
Sep 2, 2021
A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified...
Moderate
Unreviewed
CVE-2021-1406
was published
May 24, 2022
Wisetail Learning Ecosystem (LE) through v4.11.6 allows insecure direct object reference (IDOR)...
Moderate
Unreviewed
CVE-2018-16970
was published
May 14, 2022
A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation...
Moderate
Unreviewed
CVE-2017-9947
was published
May 13, 2022
Apache Thrift Node.js static web server sandbox escape
Moderate
CVE-2018-11798
was published
for
org.apache.thrift:libthrift
(Maven)
Jan 17, 2019
Insertion of Sensitive Information into Externally-Accessible File or Directory in Jenkins Credentials Plugin
Moderate
CVE-2019-10320
was published
for
org.jenkins-ci.plugins:credentials
(Maven)
May 24, 2022
A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. It has been classified...
Moderate
Unreviewed
CVE-2024-0191
was published
Jan 2, 2024
The WP Job Openings WordPress plugin before 3.4.3 does not block listing the contents of the...
Moderate
Unreviewed
CVE-2023-4933
was published
Oct 16, 2023
cPanel before 70.0.23 exposes Apache HTTP Server logs after creation of certain domains (SEC-406).
Moderate
Unreviewed
CVE-2018-20932
was published
May 24, 2022
A vulnerability in the web server functionality of Cisco Enterprise Network Functions...
Moderate
Unreviewed
CVE-2019-12623
was published
May 24, 2022
Due to an out-of-date dependency in the “Fusion File Manager” component accessible through the...
Moderate
Unreviewed
CVE-2023-4480
was published
Sep 5, 2023
A vulnerability has been identified in SIMATIC PCS neo (Administration Console) V4.0 (All...
Moderate
Unreviewed
CVE-2023-38558
was published
Sep 14, 2023
CRI-O vulnerable to /etc/passwd tampering resulting in Privilege Escalation
Moderate
CVE-2022-4318
was published
for
github.com/cri-o/cri-o
(Go)
Dec 29, 2022
sanitize-html Information Exposure vulnerability
Moderate
CVE-2024-21501
was published
for
sanitize-html
(npm)
Feb 24, 2024
On Windows systems, the Arc configuration files resulted to be world-readable.
This can lead...
Moderate
Unreviewed
CVE-2023-5937
was published
May 15, 2024
A vulnerability was found in 3Scale. There is no auth mechanism to see a PDF invoice of a...
Moderate
Unreviewed
CVE-2024-9671
was published
Oct 9, 2024
ProTip!
Advisories are also available from the
GraphQL API