GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,316
Maven
5,000+
npm
5,000+
NuGet
1,030
pip
5,000+
Pub
13
RubyGems
1,116
Rust
1,493
Swift
61
Unreviewed advisories
All unreviewed
5,000+
171 advisories
Filter by severity
Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Finex Media...
High
Unreviewed
CVE-2023-2703
was published
May 23, 2023
A post-authentication information exposure vulnerability in the CGI program of Zyxel ATP series...
Moderate
Unreviewed
CVE-2023-22918
was published
Apr 24, 2023
Information exposure in microweber
Moderate
CVE-2023-2239
was published
for
microweber/microweber
(Composer)
Apr 22, 2023
Unauthenticated user can have information about hidden users on subwikis through uorgsuggest.vm
Low
CVE-2023-29203
was published
for
org.xwiki.platform:xwiki-platform-web-templates
(Maven)
Apr 12, 2023
Exposure of Private Personal Information to an Unauthorized Actor in org.xwiki.platform:xwiki-platform-rest-server
Moderate
CVE-2022-41936
was published
for
org.xwiki.platform:xwiki-platform-rest-server
(Maven)
Nov 21, 2022
A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA),...
Moderate
Unreviewed
CVE-2022-20942
was published
Nov 4, 2022
In affected versions of Octopus Server it was identified that when a sensitive value is a...
Moderate
Unreviewed
CVE-2022-2720
was published
Oct 12, 2022
XWiki Platform Web Templates vulnerable to Missing Authorization, Exposure of Private Personal Information to Unauthorized Actor
High
CVE-2022-36091
was published
for
org.xwiki.platform:xwiki-platform-web
(Maven)
Sep 16, 2022
There is a flaw in convert2rhel. convert2rhel passes the Red Hat account password to subscription...
Moderate
Unreviewed
CVE-2022-0852
was published
Aug 29, 2022
Exposure of password hashes in notrinos/notrinos-erp
High
CVE-2022-2921
was published
for
notrinos/notrinos-erp
(Composer)
Aug 22, 2022
Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier)...
Moderate
Unreviewed
CVE-2021-28559
was published
May 24, 2022
curl 7.1.1 to and including 7.75.0 is vulnerable to an "Exposure of Private Personal Information...
Moderate
Unreviewed
CVE-2021-22876
was published
May 24, 2022
Mattermost Server: initial_load API exposes unnecessary information
High
CVE-2016-11066
was published
for
github.com/mattermost/mattermost-server
(Go)
May 24, 2022
Withdrawn Advisory: Incorrect Authorization in cross-fetch
Moderate
CVE-2022-1365
was published
for
cross-fetch
(npm)
Apr 17, 2022
•
withdrawn
Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository gnuboard...
High
Unreviewed
CVE-2022-1252
was published
Apr 12, 2022
Unauthenticated user can list hidden document from multiple velocity templates in XWiki
Moderate
CVE-2022-24820
was published
for
org.xwiki.platform:xwiki-platform-web
(Maven)
Apr 8, 2022
Unauthenticated user can retrieve the list of users through uorgsuggest.vm
Moderate
CVE-2022-24819
was published
for
org.xwiki.platform:xwiki-platform-web-templates
(Maven)
Apr 8, 2022
Exposure of Private Personal Information to an Unauthorized Actor in alextselegidis/easyappointments
Critical
CVE-2022-0482
was published
for
alextselegidis/easyappointments
(Composer)
Mar 10, 2022
Forwarding of confidentials headers to third parties in fluture-node
Low
CVE-2022-24719
was published
for
fluture-node
(npm)
Mar 1, 2022
Exposure of sensitive information in follow-redirects
High
CVE-2022-0155
was published
for
follow-redirects
(npm)
Jan 12, 2022
ProTip!
Advisories are also available from the
GraphQL API