GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
17 advisories
Filter by severity
Exposure of CSRF tokens in query parameters on specific requests in Checkmk GmbH's Checkmk...
Low
Unreviewed
CVE-2024-38863
was published
Oct 14, 2024
IBM TXSeries for Multiplatforms 10.1 could allow an attacker to obtain sensitive information from...
Moderate
Unreviewed
CVE-2024-41738
was published
Nov 1, 2024
Sensitive data exposure in Webconf in Tribe29 Checkmk Appliance before 1.6.8 allows local...
Low
Unreviewed
CVE-2023-6287
was published
Nov 27, 2023
Under certain circumstances the exacqVision Web Service can expose authentication token details...
Moderate
Unreviewed
CVE-2024-32931
was published
Aug 2, 2024
An issue was discovered on HMS Anybus X-Gateway AB7832-F 3 devices. The gateway exposes a web...
High
Unreviewed
CVE-2024-23766
was published
Jun 26, 2024
IBM InfoSphere Information Server 11.7 returns sensitive information in URL information that...
Moderate
Unreviewed
CVE-2023-50954
was published
Jun 30, 2024
A use of GET request method with sensitive query strings vulnerability in Fortinet FortiOS 7.0.0 ...
High
Unreviewed
CVE-2023-37935
was published
Oct 10, 2023
dectalk-tts Uses Unencrypted HTTP Request
High
CVE-2024-31206
was published
for
dectalk-tts
(npm)
Apr 4, 2024
NVIDIA Omniverse Workstation Launcher for Windows and Linux contains a vulnerability in the...
Moderate
Unreviewed
CVE-2023-25524
was published
Aug 3, 2023
Rapid7's InsightVM maintenance mode login page suffers from a sensitive information exposure...
Low
Unreviewed
CVE-2024-2745
was published
Apr 2, 2024
IBM Maximo Application Suite 8.10, 8.11 and IBM Maximo Asset Management 7.6.1.3 stores sensitive...
Low
Unreviewed
CVE-2023-32335
was published
Mar 13, 2024
MLflow authentication requirement bypass can allow a user to arbitrarily create an account
Critical
CVE-2023-6014
was published
for
mlflow
(pip)
Nov 16, 2023
IBM PowerSC 1.3, 2.0, and 2.1 may allow a remote attacker to view session identifiers passed via...
Low
Unreviewed
CVE-2023-50328
was published
Feb 2, 2024
Ray Missing Authorization vulnerability
Critical
CVE-2023-6020
was published
for
ray
(pip)
Nov 16, 2023
Dell EMC Streaming Data Platform versions before 1.3 contain a SQL Injection Vulnerability. A...
High
Unreviewed
CVE-2021-36328
was published
Dec 1, 2021
Dell PowerScale OneFS versions 8.2.2 - 9.1.0.x contain a use of get request method with sensitive...
Moderate
Unreviewed
CVE-2021-21594
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API