Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,941
Erlang
29
GitHub Actions
16
Go
1,722
Maven
4,952
npm
3,481
NuGet
605
pip
3,049
Pub
10
RubyGems
832
Rust
778
Swift
34
Unreviewed advisories
All unreviewed
5,000+

1,468 advisories

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Exactly WWW EWWW... High Unreviewed
CVE-2023-40600 was published Nov 30, 2023
Apache DolphinScheduler sensitive information disclosure High
CVE-2023-48796 was published for org.apache.dolphinscheduler:dolphinscheduler (Maven) Nov 24, 2023
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Botanik Software... High Unreviewed
CVE-2023-5983 was published Nov 22, 2023
Attacker can cause Kyverno user to unintentionally consume insecure image High
CVE-2023-47630 was published for github.com/kyverno/kyverno (Go) Nov 14, 2023
AdamKorcz
Label Studio Object Relational Mapper Leak Vulnerability in Filtering Task High
CVE-2023-47117 was published for label-studio (pip) Nov 14, 2023
alex-elttam
Keep-alive vulnerability in the sticky broadcast mechanism. Successful exploitation of this... High Unreviewed
CVE-2023-46757 was published Nov 8, 2023
Vulnerability of missing encryption in the card management module. Successful exploitation of... High Unreviewed
CVE-2023-44098 was published Nov 8, 2023
Vulnerability of improper permission control in the Booster module. Impact: Successful... High Unreviewed
CVE-2023-44115 was published Nov 8, 2023
A design flaw was found in Samba's DirSync control implementation, which exposes passwords and... High Unreviewed
CVE-2023-4154 was published Nov 7, 2023
An information disclosure vulnerability has been identified in the Lenovo App Store which may... High Unreviewed
CVE-2022-3611 was published Oct 27, 2023
EisBaer Scada - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor High Unreviewed
CVE-2023-42490 was published Oct 25, 2023
Nautobot vulnerable to exposure of hashed user passwords via REST API High
CVE-2023-46128 was published for nautobot (pip) Oct 24, 2023
Tauri's Updater Private Keys Possibly Leaked via Vite Environment Variables High
CVE-2023-46115 was published for @tauri-apps/cli (npm) Oct 20, 2023
Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05 contains a vulnerability... High Unreviewed
CVE-2023-34437 was published Oct 19, 2023
WIPOTEC GmbH ComScale v4.3.29.21344 and v4.4.12.723 fails to validate user sessions, allowing... High Unreviewed
CVE-2023-45912 was published Oct 18, 2023
A password disclosure vulnerability in the Secure PDF eXchange (SPX) feature allows attackers... High Unreviewed
CVE-2023-5552 was published Oct 18, 2023
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Traffic Server... High Unreviewed
CVE-2023-41752 was published Oct 17, 2023
Advantech WebAccess version 9.1.3 contains an exposure of sensitive information to an... High Unreviewed
CVE-2023-4215 was published Oct 17, 2023
Vulnerability of the permission to access device SNs being improperly managed.Successful... High Unreviewed
CVE-2023-44097 was published Oct 11, 2023
Information exposure vulnerability in Shenzhen Reachfar v28, the exploitation of which could... High Unreviewed
CVE-2023-5499 was published Oct 10, 2023
Quarkus OIDC can leak both ID and access tokens High
CVE-2023-1584 was published for io.quarkus:quarkus-oidc (Maven) Oct 4, 2023
A flaw was found in Red Hat OpenShift Data Science. When exporting a pipeline from the Elyra... High Unreviewed
CVE-2023-3361 was published Oct 4, 2023
IBM Disconnected Log Collector 1.0 through 1.8.2 is vulnerable to potential security... High Unreviewed
CVE-2022-22447 was published Oct 4, 2023
Information exposure vulnerability in IBERMATICA RPS 2019, which exploitation could allow an... High Unreviewed
CVE-2023-3349 was published Oct 3, 2023
All versions of NetMan 204 could allow an unauthenticated remote attacker to read a file (config... High Unreviewed
CVE-2022-47892 was published Oct 3, 2023
ProTip! Advisories are also available from the GraphQL API