Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

25 advisories

Loading
An issue was discovered in GitLab-CE/EE affecting all versions starting with 17.0 before 17.1.7,... Moderate Unreviewed
CVE-2024-6389 was published Sep 12, 2024
An information exposure vulnerability exists in Palo Alto Networks PAN-OS software that enables a... Moderate Unreviewed
CVE-2024-8687 was published Sep 11, 2024
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 displays version information in HTTP... Moderate Unreviewed
CVE-2024-39740 was published Jul 15, 2024
Information Disclosure Vulnerability in Privacy Center of SERVER_SIDE_FIDES_API_URL Moderate
CVE-2024-31223 was published for ethyca-fides (pip) Jul 5, 2024
RobertKeyser
Full Path Disclosure vulnerability in AdmirorFrames Joomla! extension in afHelper.php script... Moderate Unreviewed
CVE-2024-5735 was published Jul 3, 2024
Marco Trevisan discovered that the Ubuntu Advantage Desktop Daemon, before version 1.12, leaks... Moderate Unreviewed
CVE-2024-6388 was published Jun 27, 2024
netplan leaks the private key of wireguard to local users. A security fix will be released soon. Moderate Unreviewed
CVE-2022-4968 was published Jun 7, 2024
An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE... Moderate Unreviewed
CVE-2023-50180 was published May 14, 2024
A valid authenticated Lenovo XClarity Administrator (LXCA) user can potentially leverage an... Moderate Unreviewed
CVE-2023-4605 was published Apr 5, 2024
An information disclosure flaw was found in OpenShift Virtualization. The DownwardMetrics feature... Moderate Unreviewed
CVE-2024-31419 was published Apr 3, 2024
IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2,19.0.1, 19.0.2, 19.0.3,20.0.1, 20.0... Moderate Unreviewed
CVE-2023-50959 was published Mar 31, 2024
Under certain conditions, Internet Communication Manager (ICM) or SAP Web Dispatcher - versions... Moderate Unreviewed
CVE-2024-22124 was published Jan 9, 2024
Under certain condition SAP NetWeaver Application Server ABAP - versions KERNEL 722, KERNEL 7.53,... Moderate Unreviewed
CVE-2023-41366 was published Nov 14, 2023
Exposure of Sensitive System Information to an Unauthorized Control Sphere in create template... Moderate Unreviewed
CVE-2023-34209 was published Oct 17, 2023
Ansible may expose private key Moderate
CVE-2023-4237 was published for ansible-core (pip) Oct 4, 2023
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE)... Moderate Unreviewed
CVE-2023-20111 was published Aug 17, 2023
MongoDB Ops Manager Diagnostics Archive may not redact sensitive PEM key file password app... Moderate Unreviewed
CVE-2023-0342 was published Jun 9, 2023
The Web Frontend of KNIME Business Hub before 1.4.0 allows an unauthenticated remote attacker to... Moderate Unreviewed
CVE-2023-2541 was published Jun 7, 2023
A vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to... Moderate Unreviewed
CVE-2023-0005 was published Apr 12, 2023
A credentials leak was found in the OpenShift Container Platform. The private key for the... Moderate Unreviewed
CVE-2022-2403 was published Sep 2, 2022
Windows Kernel Information Disclosure Vulnerability Moderate Unreviewed
CVE-2021-31955 was published May 24, 2022
A vulnerability in logging mechanisms of Cisco Webex Meetings client software could allow an... Moderate Unreviewed
CVE-2021-1544 was published May 24, 2022
A vulnerability in the cluster management interface of Cisco SD-WAN vManage Software could allow... Moderate Unreviewed
CVE-2021-1535 was published May 24, 2022
A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local... Moderate Unreviewed
CVE-2021-1235 was published May 24, 2022
A vulnerability in Cisco SD-WAN vManage Software could allow an authenticated, local attacker to... Moderate Unreviewed
CVE-2022-20734 was published May 5, 2022
ProTip! Advisories are also available from the GraphQL API