GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,096
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,654
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
6,058 advisories
Filter by severity
A sensitive information disclosure vulnerability exists in ZZCMS v.2023 and before within the...
Moderate
Unreviewed
CVE-2024-44820
was published
Sep 4, 2024
An issue was discovered on Bell HomeHub 3000 SG48222070 devices. Remote authenticated users can...
Moderate
Unreviewed
CVE-2020-11447
was published
Nov 17, 2023
Ansible Sensitive Files Are Locally Readable
Moderate
CVE-2014-4658
was published
for
ansible
(pip)
May 17, 2022
The Ivory Search – WordPress Search Plugin plugin for WordPress is vulnerable to Information...
Moderate
Unreviewed
CVE-2024-6835
was published
Sep 5, 2024
A vulnerability, which was classified as problematic, has been found in D-Link DNS-320 2.02b01....
Moderate
Unreviewed
CVE-2024-8460
was published
Sep 5, 2024
A vulnerability, which was classified as problematic, was found in D-Link DNS-320 2.02b01. This...
Moderate
Unreviewed
CVE-2024-8461
was published
Sep 5, 2024
Kyocera TASKalfa 4053ci printers through 2VG_S000.002.561 allow identification of valid user...
Moderate
Unreviewed
CVE-2023-34261
was published
Nov 3, 2023
Information disclosure in Apache Superset
Moderate
CVE-2020-1932
was published
for
apache-superset
(pip)
Feb 26, 2020
Users can view database names in Apache Superset
Moderate
CVE-2019-12414
was published
for
apache-superset
(pip)
Feb 26, 2020
Users able to query database metadata in Apache Superset
Moderate
CVE-2019-12413
was published
for
apache-superset
(pip)
Feb 26, 2020
Zemana AntiLogger v2.74.204.664 is vulnerable to a Memory Information Leak vulnerability by...
Moderate
Unreviewed
CVE-2024-2180
was published
Mar 15, 2024
Bkav Home v7816, build 2403161130 is vulnerable to a Memory Information Leak vulnerability by...
Moderate
Unreviewed
CVE-2024-2760
was published
Apr 23, 2024
gnark's Groth16 commitment extension unsound for more than one commitment
Moderate
CVE-2024-45039
was published
for
github.com/consensys/gnark
(Go)
Sep 6, 2024
Exposure of debug and metrics endpoints in Pomerium
Moderate
CVE-2022-24797
was published
for
github.com/pomerium/pomerium
(Go)
Sep 6, 2024
IBM API Connect 5.0.0.0 through 5.0.8.3 could allow a remote attacker to obtain sensitive...
Moderate
Unreviewed
CVE-2018-1546
was published
May 13, 2022
Insertion of Sensitive Information into Log File, Invocation of Process Using Visible Sensitive Information, and Exposure of Sensitive Information to an Unauthorized Actor in Ansible
Moderate
CVE-2020-1753
was published
for
ansible
(pip)
Apr 7, 2021
An exposure of sensitive information to an unauthorized actor in Fortinet FortiSandbox version 4...
Moderate
Unreviewed
CVE-2024-31490
was published
Sep 10, 2024
Apache RocketMQ Vulnerable to Unauthorized Exposure of Sensitive Data
Moderate
CVE-2024-23321
was published
for
org.apache.rocketmq:rocketmq-all
(Maven)
Jul 22, 2024
This issue was addressed by restricting options offered on a locked device. This issue is fixed...
Moderate
Unreviewed
CVE-2023-41988
was published
Oct 25, 2023
Sensitive information disclosure due to spell-jacking. The following products are affected:...
Moderate
Unreviewed
CVE-2023-44156
was published
Sep 27, 2023
Ansible sensitive information disclosure
Moderate
CVE-2018-16876
was published
for
ansible
(pip)
May 13, 2022
Ansible discloses credential information
Moderate
CVE-2014-4660
was published
for
ansible
(pip)
May 17, 2022
Exposure of Sensitive Information to an Unauthorized Actor in ansible
Moderate
CVE-2020-1746
was published
for
ansible
(pip)
Apr 20, 2021
Apache Airflow information disclosure vulnerability
Moderate
CVE-2022-46651
was published
for
apache-airflow
(pip)
Jul 12, 2023
Apache Airflow vulnerable to exposure of sensitive information
Moderate
CVE-2023-35005
was published
for
apache-airflow
(pip)
Jun 19, 2023
ProTip!
Advisories are also available from the
GraphQL API