Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,154
NuGet
736
pip
3,953
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

407 advisories

Loading
katello SQL Injection vulnerability Moderate
CVE-2018-14623 was published for katello (RubyGems) May 13, 2022
The GlobalProtect external interface in Palo Alto Networks PAN-OS before 6.1.17, 7.x before 7.0... Critical Unreviewed
CVE-2017-7945 was published May 13, 2022
In JForum 2.1.8, an unauthenticated, remote attacker can enumerate whether a user exists by using... Moderate Unreviewed
CVE-2019-7550 was published May 13, 2022
The Web server in 3CX version 15.5.8801.3 is vulnerable to Information Leakage, because of... Moderate Unreviewed
CVE-2018-14907 was published May 13, 2022
Microsoft .NET Framework 1.1 SP1, 2.0 SP1 and SP2, 3.5, 3.5 SP1, 3.5.1, and 4.0, as used for ASP... Moderate Unreviewed
CVE-2010-3332 was published May 13, 2022
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before... High Unreviewed
CVE-2019-9223 was published May 13, 2022
IBM Guardium Data Encryption (GDE) 4.0.0 and 5.0.0 could allow a remote attacker to obtain... High Unreviewed
CVE-2021-39023 was published May 7, 2022
When handling a mismatched pre-authentication cookie, the application leaks the internal error... Moderate Unreviewed
CVE-2022-26070 was published May 7, 2022
The Mijosoft MijoSearch component 2.0.1 and earlier for Joomla! allows remote attackers to obtain... Moderate Unreviewed
CVE-2013-6879 was published May 5, 2022
A server-generated error message containing sensitive information in Fortinet FortiOS 7.0.0... Moderate Unreviewed
CVE-2021-43206 was published May 5, 2022
TYPO3 leaks a hash secret in an error message Moderate
CVE-2009-0815 was published for typo3/cms (Composer) May 2, 2022
Apache Tomcat Leaks Information via Error Message Moderate
CVE-2002-2008 was published for org.apache.tomcat:tomcat (Maven) Apr 30, 2022
Apache Tomcat Leaks Pathname Information via Error Message Moderate
CVE-2002-2009 was published for org.apache.tomcat:tomcat (Maven) Apr 30, 2022
htsearch program in htDig 3.2 beta, 3.1.6, 3.1.5, and earlier allows remote attackers to... Moderate Unreviewed
CVE-2000-1191 was published Apr 30, 2022
An information disclosure vulnerability was discovered in glusterfs server. An attacker could... Moderate Unreviewed
CVE-2018-10913 was published Apr 30, 2022
In APache APISIX before 3.13.1, an attacker can obtain a plugin-configured secret via an error... High Unreviewed
CVE-2022-29266 was published Apr 21, 2022
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5 and 6.1.0.0 through 6.1.1.0... Moderate Unreviewed
CVE-2021-39033 was published Apr 20, 2022
Missing filtering in an error message in GitLab CE/EE affecting all versions prior to 14.7.7, 14... Moderate Unreviewed
CVE-2022-1120 was published Apr 5, 2022
An attacker can gain knowledge of a session temporary working folder where the getfile and... High Unreviewed
CVE-2021-32937 was published Apr 3, 2022
Path Disclosure within joomla/filesystem class Moderate
CVE-2022-23794 was published for joomla/filesystem (Composer) Mar 31, 2022
Path traversal allows leaking out-of-bound files from Argo CD repo-server Moderate
CVE-2022-24731 was published for github.com/argoproj/argo-cd (Go) Mar 24, 2022
alexmt
Sensitive information could be displayed when a detailed technical error message is posted. This... Moderate Unreviewed
CVE-2021-35251 was published Mar 11, 2022
An information disclosure in web interface in D-Link DIR-X1860 before 1.03 RevA1 allows a remote... Moderate Unreviewed
CVE-2021-46353 was published Mar 5, 2022
Ansible discloses sensitive information in traceback error message Moderate
CVE-2021-3620 was published for ansible (pip) Mar 4, 2022
jhutchings1
A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support.... Moderate Unreviewed
CVE-2022-0563 was published Feb 22, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database