Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

31 advisories

Loading
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in... Moderate Unreviewed
CVE-2024-50425 was published Oct 30, 2024
: Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in... Moderate Unreviewed
CVE-2024-49252 was published Oct 16, 2024
A vulnerability in Cortex XSOAR allows the disclosure of incident data to users who do not have... Moderate Unreviewed
CVE-2024-9470 was published Oct 9, 2024
An issue was discovered in GitLab-CE/EE affecting all versions starting with 17.0 before 17.1.7,... Moderate Unreviewed
CVE-2024-6389 was published Sep 12, 2024
An information exposure vulnerability exists in Palo Alto Networks PAN-OS software that enables a... Moderate Unreviewed
CVE-2024-8687 was published Sep 11, 2024
Drupal Full Path Disclosure Moderate
CVE-2024-45440 was published for drupal/core (Composer) Aug 29, 2024
cmlara longwave
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 displays version information in HTTP... Moderate Unreviewed
CVE-2024-39740 was published Jul 15, 2024
Information Disclosure Vulnerability in Privacy Center of SERVER_SIDE_FIDES_API_URL Moderate
CVE-2024-31223 was published for ethyca-fides (pip) Jul 5, 2024
RobertKeyser
Full Path Disclosure vulnerability in AdmirorFrames Joomla! extension in afHelper.php script... Moderate Unreviewed
CVE-2024-5735 was published Jul 3, 2024
Marco Trevisan discovered that the Ubuntu Advantage Desktop Daemon, before version 1.12, leaks... Moderate Unreviewed
CVE-2024-6388 was published Jun 27, 2024
netplan leaks the private key of wireguard to local users. A security fix will be released soon. Moderate Unreviewed
CVE-2022-4968 was published Jun 7, 2024
An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE... Moderate Unreviewed
CVE-2023-50180 was published May 14, 2024
A valid authenticated Lenovo XClarity Administrator (LXCA) user can potentially leverage an... Moderate Unreviewed
CVE-2023-4605 was published Apr 5, 2024
An information disclosure flaw was found in OpenShift Virtualization. The DownwardMetrics feature... Moderate Unreviewed
CVE-2024-31419 was published Apr 3, 2024
IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2,19.0.1, 19.0.2, 19.0.3,20.0.1, 20.0... Moderate Unreviewed
CVE-2023-50959 was published Mar 31, 2024
Under certain conditions, Internet Communication Manager (ICM) or SAP Web Dispatcher - versions... Moderate Unreviewed
CVE-2024-22124 was published Jan 9, 2024
Under certain condition SAP NetWeaver Application Server ABAP - versions KERNEL 722, KERNEL 7.53,... Moderate Unreviewed
CVE-2023-41366 was published Nov 14, 2023
Exposure of Sensitive System Information to an Unauthorized Control Sphere in create template... Moderate Unreviewed
CVE-2023-34209 was published Oct 17, 2023
Ansible may expose private key Moderate
CVE-2023-4237 was published for ansible-core (pip) Oct 4, 2023
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE)... Moderate Unreviewed
CVE-2023-20111 was published Aug 17, 2023
SAP Business One (Service Layer) - version 10.0, allows an authenticated attacker with deep... Moderate Unreviewed
CVE-2023-37487 was published Aug 8, 2023
MongoDB Ops Manager Diagnostics Archive may not redact sensitive PEM key file password app... Moderate Unreviewed
CVE-2023-0342 was published Jun 9, 2023
The Web Frontend of KNIME Business Hub before 1.4.0 allows an unauthenticated remote attacker to... Moderate Unreviewed
CVE-2023-2541 was published Jun 7, 2023
A vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to... Moderate Unreviewed
CVE-2023-0005 was published Apr 12, 2023
"IBM Robotic Process Automation 21.0.1 and 21.0.2 could disclose sensitive version information... Moderate Unreviewed
CVE-2022-38710 was published Nov 4, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database