Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,344
Erlang
31
GitHub Actions
22
Go
2,112
Maven
5,000+
npm
3,767
NuGet
680
pip
3,453
Pub
12
RubyGems
892
Rust
888
Swift
37
Unreviewed advisories
All unreviewed
5,000+

238 advisories

Loading
The Defender Security WordPress plugin before 4.1.0 does not prevent redirects to the login page... Moderate Unreviewed
CVE-2023-5089 was published Oct 16, 2023
The Vrm 360 3D Model Viewer WordPress plugin through 1.2.1 exposes the full path of a file when... Moderate Unreviewed
CVE-2023-5177 was published Oct 16, 2023
A flaw was found in Red Hat's AMQ-Streams, which ships a version of the OKHttp component with an... Moderate Unreviewed
CVE-2023-0833 was published Sep 27, 2023
A vulnerability has been identified in QMS Automotive (All versions < V12.39). The affected... Moderate Unreviewed
CVE-2023-40725 was published Sep 14, 2023
Due to the lack of validation, SAP BusinessObjects Business Intelligence Platform (Version... Moderate Unreviewed
CVE-2023-37489 was published Sep 14, 2023
An information disclosure vulnerability exists in the OAS Engine configuration management... Moderate Unreviewed
CVE-2023-35124 was published Sep 5, 2023
IBM Security Verify Information Queue 10.0.4 and 10.0.5 could allow a remote attacker to obtain... Moderate Unreviewed
CVE-2023-33834 was published Aug 31, 2023
IBM Security Guardium Data Encryption (IBM Guardium Cloud Key Manager (GCKM) 1.10.3)) could allow... Moderate Unreviewed
CVE-2023-26272 was published Aug 28, 2023
e-Excellence U-Office Force generates an error message in webiste service. An unauthenticated... Moderate Unreviewed
CVE-2023-32755 was published Aug 25, 2023
IBM TRIRIGA 3.0, 4.0, and 4.4 could allow a remote attacker to obtain sensitive information when... Moderate Unreviewed
CVE-2020-4868 was published Jul 31, 2023
IBM MQ 8.0, 9.0, and 9.1 could allow a local user to obtain sensitive credential information when... Moderate Unreviewed
CVE-2023-28514 was published May 19, 2023
In affected versions of Octopus Deploy it is possible to discover network details via error message Moderate Unreviewed
CVE-2022-4870 was published May 18, 2023
IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 could disclose sensitive information in an error... Moderate Unreviewed
CVE-2023-27860 was published Apr 27, 2023
Inappropriate implementation in accessibility in Google Chrome prior to 74.0.3729.108 allowed a... Moderate Unreviewed
CVE-2020-6503 was published May 24, 2022
A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2 and 3.5.x before 3.5.4, when ... Moderate Unreviewed
CVE-2019-19342 was published May 24, 2022
Pydio Cells before 1.5.0, when supplied with a Name field in an unexpected Unicode format, fails... Moderate Unreviewed
CVE-2019-12903 was published May 24, 2022
PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x... Moderate Unreviewed
CVE-2014-8161 was published May 17, 2022
The Mijosoft MijoSearch component 2.0.1 and earlier for Joomla! allows remote attackers to obtain... Moderate Unreviewed
CVE-2013-6879 was published May 5, 2022
An issue was discovered in SmartClient 12.0. If an unauthenticated attacker makes a POST request... Moderate Unreviewed
CVE-2020-9351 was published May 24, 2022
** DISPUTED ** A full path disclosure vulnerability was discovered in Matomo v3.9.1 where a user... Moderate Unreviewed
CVE-2019-12215 was published May 24, 2022
A vulnerability was found in Nway Pro 9. It has been rated as problematic. Affected by this issue... Moderate Unreviewed
CVE-2024-2009 was published Feb 29, 2024
An email address enumeration vulnerability exists in the password reset function of SEO Panel... Moderate Unreviewed
CVE-2024-22646 was published Jan 30, 2024
Exceptions displayed in non-debug configurations in Symfony Moderate
CVE-2020-5274 was published for symfony/error-handler (Composer) Mar 30, 2020
yceruto jderusse
LukaSikic
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product... Moderate Unreviewed
CVE-2024-21866 was published Feb 2, 2024
In Johnson Controls Metasys System Versions 8.0 and prior and BCPro (BCM) all versions prior to 3... Moderate Unreviewed
CVE-2018-10624 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database