GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,614
Composer 4,224
Erlang 31
GitHub Actions 19
Go 1,990
Maven 5,170
npm 3,706
NuGet 661
pip 3,336
Pub 11
RubyGems 884
Rust 845
Swift 36

Unreviewed advisories

All unreviewed 234,385

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

214 advisories

Filter by severity

Sort by

Least recently updated

The Defender Security WordPress plugin before 4.1.0 does not prevent redirects to the login page... Moderate Unreviewed

CVE-2023-5089 was published Oct 16, 2023

The Vrm 360 3D Model Viewer WordPress plugin through 1.2.1 exposes the full path of a file when... Moderate Unreviewed

CVE-2023-5177 was published Oct 16, 2023

Google Sheets data source plugin for Grafana information disclosure vulnerability Moderate

CVE-2023-4457 was published for github.com/grafana/google-sheets-datasource (Go) Oct 16, 2023

The Statutory Reporting application has a vulnerable file storage location, potentially enabling... Moderate Unreviewed

CVE-2023-42475 was published Oct 10, 2023

SAP Business One (B1i) - version 10.0, allows an authorized attacker to retrieve the details... Moderate Unreviewed

CVE-2023-41365 was published Oct 10, 2023

A flaw was found in Red Hat's AMQ-Streams, which ships a version of the OKHttp component with an... Moderate Unreviewed

CVE-2023-0833 was published Sep 27, 2023

A vulnerability has been identified in QMS Automotive (All versions < V12.39). The affected... Moderate Unreviewed

CVE-2023-40725 was published Sep 14, 2023

Due to the lack of validation, SAP BusinessObjects Business Intelligence Platform (Version... Moderate Unreviewed

CVE-2023-37489 was published Sep 14, 2023

Apache Superset may expose internal traces on REST API endpoints Moderate

CVE-2023-39264 was published for apache-superset (pip) Sep 6, 2023

An information disclosure vulnerability exists in the OAS Engine configuration management... Moderate Unreviewed

CVE-2023-35124 was published Sep 5, 2023

IBM Security Verify Information Queue 10.0.4 and 10.0.5 could allow a remote attacker to obtain... Moderate Unreviewed

CVE-2023-33834 was published Aug 31, 2023

IBM Security Guardium Data Encryption (IBM Guardium Cloud Key Manager (GCKM) 1.10.3)) could allow... Moderate Unreviewed

CVE-2023-26272 was published Aug 28, 2023

e-Excellence U-Office Force generates an error message in webiste service. An unauthenticated... Moderate Unreviewed

CVE-2023-32755 was published Aug 25, 2023

IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 could allow a remote attacker to obtain system... Moderate Unreviewed

CVE-2023-35009 was published Aug 17, 2023

Jenkins Folders Plugin information disclosure vulnerability Moderate

CVE-2023-40338 was published for org.jenkins-ci.plugins:cloudbees-folder (Maven) Aug 16, 2023

An issue has been discovered in GitLab affecting all versions starting from 12.9 before 16.0.8,... Moderate Unreviewed

CVE-2023-1210 was published Aug 2, 2023

Brocade Fabric OS before Brocade Fabric OS v9.1.1c, v9.2.0 contains a vulnerability when using... Moderate Unreviewed

CVE-2023-31429 was published Aug 1, 2023

IBM TRIRIGA 3.0, 4.0, and 4.4 could allow a remote attacker to obtain sensitive information when... Moderate Unreviewed

CVE-2020-4868 was published Jul 31, 2023

An information disclosure issue in GitLab CE/EE affecting all versions from 16.0 prior to 16.0.6,... Moderate Unreviewed

CVE-2023-3362 was published Jul 13, 2023

IBM MQ 8.0, 9.0, and 9.1 could allow a local user to obtain sensitive credential information when... Moderate Unreviewed

CVE-2023-28514 was published May 19, 2023

In affected versions of Octopus Deploy it is possible to discover network details via error message Moderate Unreviewed

CVE-2022-4870 was published May 18, 2023

Exposure of Sensitive Information in OPC UA .NET Standard Reference Server Moderate

CVE-2023-31048 was published for OPCFoundation.NetStandard.Opc.Ua.Core (NuGet) May 5, 2023

IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 could disclose sensitive information in an error... Moderate Unreviewed

CVE-2023-27860 was published Apr 27, 2023

User account enumeration in Serenity Moderate

CVE-2023-31286 was published for Serenity.Net.Core (NuGet) Apr 27, 2023

Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.0 and 9.3.0.2,... Moderate Unreviewed

CVE-2022-4770 was published Apr 3, 2023

Previous 1 2 3 4 5 … 8 9 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

214 advisories