Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,908
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

197 advisories

Loading
HCL Launch could allow a remote attacker to obtain sensitive information when a detailed... Moderate Unreviewed
CVE-2023-45701 was published Dec 28, 2023
ONTAP Mediator versions prior to 1.7 are susceptible to a vulnerability that can allow an... Moderate Unreviewed
CVE-2023-27319 was published Dec 22, 2023
IBM Security Guardium Key Lifecycle Manager 4.3 could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2023-47703 was published Dec 20, 2023
IBM UrbanCode Deploy (UCD) 7.1 through 7.1.2.14, 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2... Moderate Unreviewed
CVE-2023-42013 was published Dec 20, 2023
Due to improper error handling, a REST API resource could expose a server side error containing... Moderate Unreviewed
CVE-2023-6839 was published Dec 15, 2023
Kaifa Technology WebITR is an online attendance system. A remote attacker with regular user... Moderate Unreviewed
CVE-2023-48393 was published Dec 15, 2023
IBM System Storage Virtualization Engine TS7700 3957-VEC, 3948-VED and 3957-VEC could allow a... Moderate Unreviewed
CVE-2023-49878 was published Dec 13, 2023
jupyter-server errors include tracebacks with path information Moderate
CVE-2023-49080 was published for jupyter-server (pip) Dec 5, 2023
krsecu
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2023-43021 was published Dec 1, 2023
pimcore/admin-ui-classic-bundle Full Path Disclosure via re-export document Moderate
CVE-2023-47636 was published for pimcore/admin-ui-classic-bundle (Composer) Nov 15, 2023
xcapri
The response messages received from the eSOMS report generation using certain parameter queries... Moderate Unreviewed
CVE-2023-5514 was published Nov 1, 2023
IBM Security Verify Privilege On-Premises 11.5 could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2022-43891 was published Oct 17, 2023
The Defender Security WordPress plugin before 4.1.0 does not prevent redirects to the login page... Moderate Unreviewed
CVE-2023-5089 was published Oct 16, 2023
The Vrm 360 3D Model Viewer WordPress plugin through 1.2.1 exposes the full path of a file when... Moderate Unreviewed
CVE-2023-5177 was published Oct 16, 2023
Google Sheets data source plugin for Grafana information disclosure vulnerability Moderate
CVE-2023-4457 was published for github.com/grafana/google-sheets-datasource (Go) Oct 16, 2023
SAP Business One (B1i) - version 10.0, allows an authorized attacker to retrieve the details... Moderate Unreviewed
CVE-2023-41365 was published Oct 10, 2023
A flaw was found in Red Hat's AMQ-Streams, which ships a version of the OKHttp component with an... Moderate Unreviewed
CVE-2023-0833 was published Sep 27, 2023
A vulnerability has been identified in QMS Automotive (All versions < V12.39). The affected... Moderate Unreviewed
CVE-2023-40725 was published Sep 14, 2023
Due to the lack of validation, SAP BusinessObjects Business Intelligence Platform (Version... Moderate Unreviewed
CVE-2023-37489 was published Sep 14, 2023
Apache Superset may expose internal traces on REST API endpoints Moderate
CVE-2023-39264 was published for apache-superset (pip) Sep 6, 2023
An information disclosure vulnerability exists in the OAS Engine configuration management... Moderate Unreviewed
CVE-2023-35124 was published Sep 5, 2023
IBM Security Verify Information Queue 10.0.4 and 10.0.5 could allow a remote attacker to obtain... Moderate Unreviewed
CVE-2023-33834 was published Aug 31, 2023
IBM Security Guardium Data Encryption (IBM Guardium Cloud Key Manager (GCKM) 1.10.3)) could allow... Moderate Unreviewed
CVE-2023-26272 was published Aug 28, 2023
e-Excellence U-Office Force generates an error message in webiste service. An unauthenticated... Moderate Unreviewed
CVE-2023-32755 was published Aug 25, 2023
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 could allow a remote attacker to obtain system... Moderate Unreviewed
CVE-2023-35009 was published Aug 17, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database