Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,170
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+

988 advisories

Loading
SMTP misconfiguration leading to "Forgot Password" exploit that leaks registered user email. Low
CVE-2023-49274 was published for Umbraco.CMS (NuGet) Dec 13, 2023
emmagarland
Mattermost fails to perform correct authorization checks when creating a playbook action,... Low Unreviewed
CVE-2023-6727 was published Dec 12, 2023
A vulnerability, which was classified as problematic, has been found in Typecho 1.2.1. Affected... Low Unreviewed
CVE-2023-6615 was published Dec 8, 2023
Sensitive data exposure in Webconf in Tribe29 Checkmk Appliance before 1.6.8 allows local... Low Unreviewed
CVE-2023-6287 was published Nov 27, 2023
IBM QRadar WinCollect Agent 10.0 through 10.1.7 could allow a privileged user to obtain... Low Unreviewed
CVE-2021-39008 was published Nov 24, 2023
Apache Storm Local Information Disclosure Vulnerability in Storm-core on Unix-Like systems due temporary files Low
CVE-2023-43123 was published for org.apache.storm:storm-core (Maven) Nov 23, 2023
MarkLee131
Exposure of Sensitive Information in Elastic APM .NET Agent Low
CVE-2021-22143 was published for Elastic.Apm (NuGet) Nov 22, 2023
MarkLee131
Exposure of sensitive information to an unauthorized actor in some Intel(R) Aptio* V UEFI... Low Unreviewed
CVE-2023-28723 was published Nov 14, 2023
Exposure of sensitive information to an unauthorized actor for some Intel Unison software may... Low Unreviewed
CVE-2022-46646 was published Nov 14, 2023
Information Disclosure in typo3/cms-install tool Low
CVE-2023-47126 was published for typo3/cms-install (Composer) Nov 14, 2023
liayn
A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in... Low Unreviewed
CVE-2023-47614 was published Nov 10, 2023
Moodle Exposure of Sensitive Information to an Unauthorized Actor vulnerability Low
CVE-2023-5551 was published for moodle/moodle (Composer) Nov 9, 2023
A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in... Low Unreviewed
CVE-2023-47616 was published Nov 9, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.0 before 16... Low Unreviewed
CVE-2023-5831 was published Nov 6, 2023
A vulnerability classified as problematic has been found in Ortus Solutions ColdBox Elixir 3.1.6.... Low Unreviewed
CVE-2021-4430 was published Nov 6, 2023
Mattermost Desktop for MacOS fails to utilize the secure keyboard input functionality provided by... Low Unreviewed
CVE-2023-5920 was published Nov 2, 2023
Wagtail vulnerable to disclosure of user names via admin bulk action views Low
CVE-2023-45809 was published for wagtail (pip) Oct 19, 2023
quyenheu
vantage6 does not properly delete linked resources when deleting a collaboration Low
CVE-2023-41881 was published for vantage6 (pip) Oct 16, 2023
Undici's cookie header not cleared on cross-origin redirect in fetch Low
CVE-2023-45143 was published for undici (npm) Oct 16, 2023
ranjit-git KhafraDev
mcollina
A vulnerability was found in yhz66 Sandbox 6.1.0. It has been rated as problematic. Affected by... Low Unreviewed
CVE-2023-5579 was published Oct 14, 2023
An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in... Low Unreviewed
CVE-2023-37939 was published Oct 10, 2023
Sensitive information disclosure due to excessive collection of system information. The following... Low Unreviewed
CVE-2023-44213 was published Oct 6, 2023
Exposure of Sensitive Information vulnerability in InboundSmsHandler prior to SMR Sep-2023... Low Unreviewed
CVE-2023-30719 was published Sep 6, 2023
A vulnerability was found in EmpowerID up to 7.205.0.0. It has been rated as problematic. This... Low Unreviewed
CVE-2023-4177 was published Aug 6, 2023
matrix-appservice-irc events can be crafted to leak parts of targeted messages from other bridged rooms Low
CVE-2023-38700 was published for matrix-appservice-irc (npm) Aug 4, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database