Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

983 advisories

Loading
Exposure of Sensitive information in httpie Low
CVE-2022-0430 was published for httpie (pip) Mar 16, 2022
A flaw was found in QEMU, in the virtio-scsi, virtio-blk, and virtio-crypto devices. The size for... Low Unreviewed
CVE-2024-8612 was published Sep 20, 2024
Django User Enumeration Vulnerability Low
CVE-2016-2513 was published for django (pip) May 17, 2022
MarkLee131
An information disclosure vulnerability was reported in the Lenovo Tab M8 HD that could allow a... Low Unreviewed
CVE-2023-5081 was published Jan 19, 2024
ceph-deploy allows local users to obtain sensitive information by reading the file Low
CVE-2015-3010 was published for ceph-deploy (pip) May 17, 2022
Sensitive information disclosure due to excessive collection of system information. The following... Low Unreviewed
CVE-2023-48680 was published Feb 27, 2024
Sensitive information disclosure due to excessive collection of system information. The following... Low Unreviewed
CVE-2023-44213 was published Oct 6, 2023
Mattermost incorrectly allows access individual posts Low
CVE-2024-1952 was published for github.com/mattermost/mattermost/server/v8 (Go) Feb 29, 2024
Exposure of Sensitive Information to an Unauthorized Actor in Ansible Low
CVE-2020-1739 was published for ansible (pip) Apr 7, 2021
ceph-deploy uses world-readable permissions on client.admin key Low
CVE-2015-4053 was published for ceph-deploy (pip) May 17, 2022
Libcloud does not properly scrub data when destroying a DigitalOcean node Low
CVE-2013-6480 was published for apache-libcloud (pip) May 14, 2022
Hwameistor Potential Permission Leakage of Cluster Level Low
CVE-2024-45054 was published for github.com/hwameistor/hwameistor (Go) Aug 29, 2024
younaman
Sensitive data exposure in Webconf in Tribe29 Checkmk Appliance before 1.6.8 allows local... Low Unreviewed
CVE-2023-6287 was published Nov 27, 2023
A vulnerability has been identified in RUGGEDCOM RST2228 (All versions < V5.9.0), RUGGEDCOM... Low Unreviewed
CVE-2023-52238 was published Jul 9, 2024
HCL Connections contains a user enumeration vulnerability. Certain actions could allow an... Low Unreviewed
CVE-2024-23557 was published Apr 18, 2024
Mattermost race condition Low
CVE-2024-1949 was published for github.com/mattermost/mattermost/server/v8 (Go) Feb 29, 2024
Sentry's Python SDK unintentionally exposes environment variables to subprocesses Low
CVE-2024-40647 was published for sentry-sdk (pip) Jul 18, 2024
kmichel-aiven
@jmondi/url-to-png enables capture screenshot of localhost web services (unauthenticated pages) Low
CVE-2024-39919 was published for @jmondi/url-to-png (npm) Jul 15, 2024
realArcherL
An information disclosure vulnerability in GitLab CE/EE in project/group exports affecting all... Low Unreviewed
CVE-2024-7060 was published Jul 25, 2024
Private tokens could appear in logs if context containing gRPC metadata is logged in github.com/grpc/grpc-go Low
GHSA-xr7q-jx4m-x55m was published for google.golang.org/grpc (Go) Jul 5, 2024
Container build can leak any path on the host into the container Low
GHSA-vp35-85q5-9f25 was published for github.com/docker/docker (Go) Nov 11, 2022
leonwxqian corhere
neersighted
Under certain circumstances, when the controller is in factory reset mode waiting for initial... Low Unreviewed
CVE-2024-32754 was published Jul 4, 2024
Mattermost versions 9.5.x <= 9.5.5 and 9.8.0 fail to properly sanitize the recipients of a... Low Unreviewed
CVE-2024-39807 was published Jul 3, 2024
Mattermost versions 9.5.x <= 9.5.5 and 9.8.0 fail to sanitize the RemoteClusterFrame payloads... Low Unreviewed
CVE-2024-39353 was published Jul 3, 2024
An issue was discovered in a third-party component related to vendor.gsm.serial, shipped on... Low Unreviewed
CVE-2023-38301 was published Apr 22, 2024
ProTip! Advisories are also available from the GraphQL API