Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

302 advisories

Loading
Generation of Error Message Containing Sensitive Information in Keycloak Low
CVE-2020-1717 was published for org.keycloak:keycloak-parent (Maven) Feb 9, 2022
Generation of Error Message Containing Sensitive Information in microweber Moderate
CVE-2022-0504 was published for microweber/microweber (Composer) Feb 9, 2022
Hitachi Energy LinkOne product, has a vulnerability due to a web server misconfiguration, that... Moderate Unreviewed
CVE-2021-40338 was published Jan 29, 2022
User enumeration in livehelperchat Moderate
CVE-2022-0083 was published for remdex/livehelperchat (Composer) Jan 21, 2022
A Generation of Error Message Containing Sensitive Information vulnerability in the CLI of... High Unreviewed
CVE-2022-22162 was published Jan 20, 2022
IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 could allow a remote attacker to obtain... Moderate Unreviewed
CVE-2021-38894 was published Jan 11, 2022
showdoc is vulnerable to Generation of Error Message Containing Sensitive Information Moderate
CVE-2022-0079 was published for showdoc/showdoc (Composer) Jan 6, 2022
livehelperchat is vulnerable to Generation of Error Message Containing Sensitive Information Moderate Unreviewed
CVE-2021-4177 was published Dec 29, 2021
An issue was discovered in /goform/login_process in Reprise RLM 14.2. When an attacker attempts... Moderate Unreviewed
CVE-2021-44155 was published Dec 14, 2021
Using XMLHttpRequest, an attacker could have identified installed applications by probing error... Moderate Unreviewed
CVE-2021-43542 was published Dec 9, 2021
IBM Tivoli Key Lifecycle Manager (IBM Security Guardium Key Lifecycle Manager) 3.0, 3.0.1, 4.0,... Moderate Unreviewed
CVE-2021-38980 was published Nov 24, 2021
Exposure of Sensitive Information to an Unauthorized Actor Moderate
CVE-2021-32712 was published for shopware/shopware (Composer) Sep 8, 2021
Generation of Error Message Containing Sensitive Information in RESTEasy client Moderate
CVE-2020-25633 was published for org.jboss.resteasy:resteasy-client (Maven) Jun 3, 2021
J4nsen
Information leakage in Error Handler Moderate
GHSA-9vxv-wpv4-f52p was published for shopware/shopware (Composer) May 21, 2021
Action Pack contains Information Disclosure / Unintended Method Execution vulnerability High
CVE-2021-22885 was published for actionpack (RubyGems) May 5, 2021
Exposure of class information in RESTEasy Moderate
CVE-2021-20289 was published for org.jboss.resteasy:resteasy-core (Maven) Apr 7, 2021
ApiKey secret could be revelated on network issue High
CVE-2021-21421 was published for node-etsy-client (npm) Apr 6, 2021
boly38
Potential sensitive information disclosed in error reports Low
CVE-2021-21416 was published for django-registration (pip) Apr 6, 2021
martinmo tdunlap607
Information Exposure in type-graphql Low
GHSA-xf64-2f9p-6pqq was published for type-graphql (npm) Sep 4, 2020
Reset Password / Login vulnerability in Sulu Moderate
CVE-2020-15132 was published for sulu/sulu (Composer) Aug 5, 2020
Synacktiv-contrib TomKeur
Prokyonn
Authorization header is not sanitized in an error object in auth0 High
CVE-2020-15125 was published for auth0 (npm) Jul 29, 2020
osdiab
Exceptions displayed in non-debug configurations in Symfony Moderate
CVE-2020-5274 was published for symfony/error-handler (Composer) Mar 30, 2020
yceruto jderusse
LukaSikic
Internal exception message exposure for login action in Sylius Low
CVE-2019-16768 was published for sylius/sylius (Composer) Dec 5, 2019
Sensitive Data Exposure in seneca Low
CVE-2019-5483 was published for seneca (npm) Sep 11, 2019
Sensitive Data Exposure in parse-server Moderate
CVE-2019-1020013 was published for parse-server (npm) Jul 11, 2019
fastrde acinader
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database