Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

406 advisories

Loading
Due to improper error handling, a REST API resource could expose a server side error containing... Moderate Unreviewed
CVE-2023-6839 was published Dec 15, 2023
IBM UrbanCode Deploy (UCD) 7.1 through 7.1.2.14, 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2... Moderate Unreviewed
CVE-2023-42013 was published Dec 20, 2023
IBM Security Guardium Key Lifecycle Manager 4.3 could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2023-47703 was published Dec 20, 2023
ONTAP Mediator versions prior to 1.7 are susceptible to a vulnerability that can allow an... Moderate Unreviewed
CVE-2023-27319 was published Dec 22, 2023
HCL Launch could allow a remote attacker to obtain sensitive information when a detailed... Moderate Unreviewed
CVE-2023-45701 was published Dec 28, 2023
HCL DRYiCE MyXalytics is impacted by an improper error handling vulnerability. The application... Low Unreviewed
CVE-2023-50348 was published Jan 3, 2024
@backstage/backend-app-api leaks GitLab access tokens High
CVE-2023-6944 was published for @backstage/backend-app-api (npm) Jan 4, 2024
Windows TCP/IP Information Disclosure Vulnerability Moderate Unreviewed
CVE-2024-21313 was published Jan 9, 2024
Generation of Error Message Containing Sensitive Information vulnerability in Hitachi Device... Moderate Unreviewed
CVE-2023-49107 was published Jan 16, 2024
Apache Tomcat vulnerable to Generation of Error Message Containing Sensitive Information Moderate
CVE-2024-21733 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Jan 19, 2024
westonsteimel
Exposure of sensitive information in ClickHouse High
CVE-2024-23689 was published for com.clickhouse:clickhouse-client (Maven) Jan 19, 2024
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to an... Moderate Unreviewed
CVE-2023-47152 was published Jan 22, 2024
A Missing Authentication for Critical Function vulnerability combined with a Generation of Error... Moderate Unreviewed
CVE-2024-21619 was published Jan 26, 2024
An email address enumeration vulnerability exists in the password reset function of SEO Panel... Moderate Unreviewed
CVE-2024-22646 was published Jan 30, 2024
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product... Moderate Unreviewed
CVE-2024-21866 was published Feb 2, 2024
Apache Superset: Improper error handling on alerts Moderate
CVE-2024-27315 was published for apache-superset (pip) Feb 28, 2024
oscerd
Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.1.0.0 and 9.3.0.6,... Moderate Unreviewed
CVE-2023-5617 was published Feb 29, 2024
A vulnerability was found in Nway Pro 9. It has been rated as problematic. Affected by this issue... Moderate Unreviewed
CVE-2024-2009 was published Feb 29, 2024
IBM Security Verify Directory 10.0.0 could allow a remote attacker to obtain sensitive... Low Unreviewed
CVE-2022-32756 was published Mar 22, 2024
.NET Framework Information Disclosure Vulnerability High Unreviewed
CVE-2024-29059 was published Mar 23, 2024
In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-dspi: Fix a... Moderate Unreviewed
CVE-2021-47161 was published Mar 25, 2024
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability High Unreviewed
CVE-2024-28939 was published Apr 9, 2024
An issue in Ametys CMS v4.5.0 and before allows attackers to obtain sensitive information via... Moderate Unreviewed
CVE-2024-30614 was published Apr 12, 2024
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 could allow a remote attacker to obtain... Low Unreviewed
CVE-2023-23474 was published May 3, 2024
A Fault Injection vulnerability in the SymmetricDecrypt function in cryptopp/elgamal.h of... Critical Unreviewed
CVE-2024-28285 was published May 14, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database