Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,226
Erlang
31
GitHub Actions
19
Go
1,991
Maven
5,000+
npm
3,708
NuGet
661
pip
3,341
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+

19 advisories

Loading
XWiki Platform Web Templates vulnerable to Missing Authorization, Exposure of Private Personal Information to Unauthorized Actor High
CVE-2022-36091 was published for org.xwiki.platform:xwiki-platform-web (Maven) Sep 16, 2022
Exposure of password hashes in notrinos/notrinos-erp High
CVE-2022-2921 was published for notrinos/notrinos-erp (Composer) Aug 22, 2022
Information exposure in elgg High
CVE-2021-3980 was published for elgg/elgg (Composer) Dec 16, 2021
XWiki Platform may show email addresses in clear in REST results High
CVE-2023-35151 was published for org.xwiki.platform:xwiki-platform-rest-server (Maven) Jun 20, 2023
Exposure of sensitive information in follow-redirects High
CVE-2022-0155 was published for follow-redirects (npm) Jan 12, 2022
AsyncSSH Rogue Session Attack High
CVE-2023-46446 was published for asyncssh (pip) Nov 9, 2023
TrueSkrillor lambdafu
Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Finex Media... High Unreviewed
CVE-2023-2703 was published May 23, 2023
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability High Unreviewed
CVE-2024-26192 was published Feb 24, 2024
An issue in FME Modules eventsmanager before 4.4.0 allows an attacker to obtain sensitive... High Unreviewed
CVE-2024-33271 was published Apr 29, 2024
In the module "Login as customer PRO" (loginascustomerpro) <1.2.7 from Weblir for PrestaShop, a... High Unreviewed
CVE-2024-36677 was published Jun 19, 2024
An issue in Foundation.app Foundation platform 1.0 allows a remote attacker to obtain sensitive... High Unreviewed
CVE-2023-50053 was published Apr 30, 2024
In the module "Theme settings" (pk_themesettings) <= 1.8.8 from Promokit.eu for PrestaShop, a... High Unreviewed
CVE-2024-36682 was published Jun 25, 2024
A vulnerability has been identified in SIMATIC PCS 7 V9.1 (All versions), SIMATIC WinCC Runtime... High Unreviewed
CVE-2024-30321 was published Jul 9, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Botanik Software... High Unreviewed
CVE-2023-5983 was published Nov 22, 2023
This vulnerability exists in Reedos aiM-Star version 2.0.1 due to transmission of sensitive... High Unreviewed
CVE-2024-45787 was published Sep 11, 2024
Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository gnuboard... High Unreviewed
CVE-2022-1252 was published Apr 12, 2022
This vulnerability exists in Apex Softcell LD Geo due to improper validation of the certain... High Unreviewed
CVE-2024-47087 was published Sep 19, 2024
This vulnerability exists in LD DP Back Office due to improper validation of certain parameters ... High Unreviewed
CVE-2024-47085 was published Sep 19, 2024
Nautobot vulnerable to exposure of hashed user passwords via REST API High
CVE-2023-46128 was published for nautobot (pip) Oct 24, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database