GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
57 advisories
Filter by severity
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 displays version information in HTTP...
Moderate
Unreviewed
CVE-2024-39740
was published
Jul 15, 2024
A vulnerability has been identified in RUGGEDCOM RMC30 (All versions < V4.3.10), RUGGEDCOM...
High
Unreviewed
CVE-2024-39675
was published
Jul 9, 2024
Information Disclosure Vulnerability in Privacy Center of SERVER_SIDE_FIDES_API_URL
Moderate
CVE-2024-31223
was published
for
ethyca-fides
(pip)
Jul 5, 2024
Full Path Disclosure vulnerability in AdmirorFrames Joomla! extension in afHelper.php script...
Moderate
Unreviewed
CVE-2024-5735
was published
Jul 3, 2024
Marco Trevisan discovered that the Ubuntu Advantage Desktop Daemon, before version 1.12, leaks...
Moderate
Unreviewed
CVE-2024-6388
was published
Jun 27, 2024
netplan leaks the private key of wireguard to local users. A security fix will be released soon.
Moderate
Unreviewed
CVE-2022-4968
was published
Jun 7, 2024
An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE...
Moderate
Unreviewed
CVE-2023-50180
was published
May 14, 2024
IBM Security Verify Privilege 11.6.25 could allow an unauthenticated actor to obtain sensitive...
High
Unreviewed
CVE-2024-31887
was published
Apr 17, 2024
A valid authenticated Lenovo XClarity Administrator (LXCA) user can potentially leverage an...
Moderate
Unreviewed
CVE-2023-4605
was published
Apr 5, 2024
An information disclosure flaw was found in OpenShift Virtualization. The DownwardMetrics feature...
Moderate
Unreviewed
CVE-2024-31419
was published
Apr 3, 2024
IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2,19.0.1, 19.0.2, 19.0.3,20.0.1, 20.0...
Moderate
Unreviewed
CVE-2023-50959
was published
Mar 31, 2024
An information disclosure vulnerability was reported in the Lenovo Tab M8 HD that could allow a...
Low
Unreviewed
CVE-2023-5081
was published
Jan 19, 2024
Under certain conditions the Microsoft Edge browser extension (SAP GUI connector for Microsoft...
High
Unreviewed
CVE-2024-22125
was published
Jan 9, 2024
Under certain conditions, Internet Communication Manager (ICM) or SAP Web Dispatcher - versions...
Moderate
Unreviewed
CVE-2024-22124
was published
Jan 9, 2024
Under certain condition SAP NetWeaver Application Server ABAP - versions KERNEL 722, KERNEL 7.53,...
Moderate
Unreviewed
CVE-2023-41366
was published
Nov 14, 2023
Exposure of Sensitive System Information to an Unauthorized Control Sphere in create template...
Moderate
Unreviewed
CVE-2023-34209
was published
Oct 17, 2023
Ansible may expose private key
Moderate
CVE-2023-4237
was published
for
ansible-core
(pip)
Oct 4, 2023
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE)...
Moderate
Unreviewed
CVE-2023-20111
was published
Aug 17, 2023
SAP Business One (Service Layer) - version 10.0, allows an authenticated attacker with deep...
Moderate
Unreviewed
CVE-2023-37487
was published
Aug 8, 2023
MongoDB Ops Manager Diagnostics Archive may not redact sensitive PEM key file password app...
Moderate
Unreviewed
CVE-2023-0342
was published
Jun 9, 2023
The Web Frontend of KNIME Business Hub before 1.4.0 allows an unauthenticated remote attacker to...
Moderate
Unreviewed
CVE-2023-2541
was published
Jun 7, 2023
Landscape's server-status page exposed sensitive system information. This data leak included GET...
High
Unreviewed
CVE-2023-32550
was published
Jun 6, 2023
A vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to...
Moderate
Unreviewed
CVE-2023-0005
was published
Apr 12, 2023
Exposure of Sensitive System Information to an Unauthorized Control Sphere in GitHub repository...
High
Unreviewed
CVE-2022-4366
was published
Dec 8, 2022
"IBM Robotic Process Automation 21.0.1 and 21.0.2 could disclose sensitive version information...
Moderate
Unreviewed
CVE-2022-38710
was published
Nov 4, 2022
ProTip!
Advisories are also available from the
GraphQL API