GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,941
Erlang
29
GitHub Actions
16
Go
1,722
Maven
4,952
npm
3,481
NuGet
605
pip
3,049
Pub
10
RubyGems
832
Rust
778
Swift
34
Unreviewed advisories
All unreviewed
5,000+
1,468 advisories
Filter by severity
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Exactly WWW EWWW...
High
Unreviewed
CVE-2023-40600
was published
Nov 30, 2023
Apache DolphinScheduler sensitive information disclosure
High
CVE-2023-48796
was published
for
org.apache.dolphinscheduler:dolphinscheduler
(Maven)
Nov 24, 2023
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Botanik Software...
High
Unreviewed
CVE-2023-5983
was published
Nov 22, 2023
Attacker can cause Kyverno user to unintentionally consume insecure image
High
CVE-2023-47630
was published
for
github.com/kyverno/kyverno
(Go)
Nov 14, 2023
Label Studio Object Relational Mapper Leak Vulnerability in Filtering Task
High
CVE-2023-47117
was published
for
label-studio
(pip)
Nov 14, 2023
Keep-alive vulnerability in the sticky broadcast mechanism. Successful exploitation of this...
High
Unreviewed
CVE-2023-46757
was published
Nov 8, 2023
Vulnerability of missing encryption in the card management module. Successful exploitation of...
High
Unreviewed
CVE-2023-44098
was published
Nov 8, 2023
Vulnerability of improper permission control in the Booster module. Impact: Successful...
High
Unreviewed
CVE-2023-44115
was published
Nov 8, 2023
A design flaw was found in Samba's DirSync control implementation, which exposes passwords and...
High
Unreviewed
CVE-2023-4154
was published
Nov 7, 2023
An information disclosure vulnerability has been identified in the Lenovo App Store which may...
High
Unreviewed
CVE-2022-3611
was published
Oct 27, 2023
EisBaer Scada - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
High
Unreviewed
CVE-2023-42490
was published
Oct 25, 2023
Nautobot vulnerable to exposure of hashed user passwords via REST API
High
CVE-2023-46128
was published
for
nautobot
(pip)
Oct 24, 2023
Tauri's Updater Private Keys Possibly Leaked via Vite Environment Variables
High
CVE-2023-46115
was published
for
@tauri-apps/cli
(npm)
Oct 20, 2023
Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05
contains a vulnerability...
High
Unreviewed
CVE-2023-34437
was published
Oct 19, 2023
WIPOTEC GmbH ComScale v4.3.29.21344 and v4.4.12.723 fails to validate user sessions, allowing...
High
Unreviewed
CVE-2023-45912
was published
Oct 18, 2023
A password disclosure vulnerability in the Secure PDF eXchange (SPX) feature allows attackers...
High
Unreviewed
CVE-2023-5552
was published
Oct 18, 2023
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Traffic Server...
High
Unreviewed
CVE-2023-41752
was published
Oct 17, 2023
Advantech WebAccess version 9.1.3 contains an exposure of sensitive information to an...
High
Unreviewed
CVE-2023-4215
was published
Oct 17, 2023
Vulnerability of the permission to access device SNs being improperly managed.Successful...
High
Unreviewed
CVE-2023-44097
was published
Oct 11, 2023
Information exposure vulnerability in Shenzhen Reachfar v28, the exploitation of which could...
High
Unreviewed
CVE-2023-5499
was published
Oct 10, 2023
Quarkus OIDC can leak both ID and access tokens
High
CVE-2023-1584
was published
for
io.quarkus:quarkus-oidc
(Maven)
Oct 4, 2023
A flaw was found in Red Hat OpenShift Data Science. When exporting a pipeline from the Elyra...
High
Unreviewed
CVE-2023-3361
was published
Oct 4, 2023
IBM Disconnected Log Collector 1.0 through 1.8.2 is vulnerable to potential security...
High
Unreviewed
CVE-2022-22447
was published
Oct 4, 2023
Information exposure vulnerability in IBERMATICA RPS 2019, which exploitation could allow an...
High
Unreviewed
CVE-2023-3349
was published
Oct 3, 2023
All versions of NetMan 204 could allow an unauthenticated remote attacker to read a file (config...
High
Unreviewed
CVE-2022-47892
was published
Oct 3, 2023
ProTip!
Advisories are also available from the
GraphQL API