Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,017
Maven
5,000+
npm
3,722
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
857
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

37 advisories

Loading
IBM Cognos Controller 11.0.0 and 11.0.1 exposes server details that could allow an attacker... Moderate Unreviewed
CVE-2024-25035 was published Dec 3, 2024
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in IDE... Moderate Unreviewed
CVE-2024-53768 was published Nov 30, 2024
The uyuni-server-attestation systemd service needs a database_password environment variable. This... Moderate Unreviewed
CVE-2024-22037 was published Nov 28, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 17.3 before 17.3.7... Moderate Unreviewed
CVE-2024-10240 was published Nov 26, 2024
A vulnerability exists in NSD570 that allows any authenticated user to access all device logs... Moderate Unreviewed
CVE-2024-9929 was published Nov 26, 2024
IBM PowerVM Platform KeyStore (IBM PowerVM Hypervisor FW950.00 through FW950.90, FW1030.00... Moderate Unreviewed
CVE-2024-41781 was published Nov 22, 2024
Exposure of sensitive system information to an unauthorized control sphere issue exists in... Moderate Unreviewed
CVE-2024-52033 was published Nov 20, 2024
A vulnerability in the cluster management interface of Cisco SD-WAN vManage Software could... Moderate Unreviewed
CVE-2021-1234 was published Nov 18, 2024
An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE... Moderate Unreviewed
CVE-2024-36509 was published Nov 12, 2024
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in... Moderate Unreviewed
CVE-2024-50425 was published Oct 30, 2024
: Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in... Moderate Unreviewed
CVE-2024-49252 was published Oct 16, 2024
A vulnerability in Cortex XSOAR allows the disclosure of incident data to users who do not have... Moderate Unreviewed
CVE-2024-9470 was published Oct 9, 2024
An information exposure vulnerability exists in Palo Alto Networks PAN-OS software that enables a... Moderate Unreviewed
CVE-2024-8687 was published Sep 11, 2024
SAP Business One (Service Layer) - version 10.0, allows an authenticated attacker with deep... Moderate Unreviewed
CVE-2023-37487 was published Aug 8, 2023
"IBM Robotic Process Automation 21.0.1 and 21.0.2 could disclose sensitive version information... Moderate Unreviewed
CVE-2022-38710 was published Nov 4, 2022
An issue was discovered in GitLab-CE/EE affecting all versions starting with 17.0 before 17.1.7,... Moderate Unreviewed
CVE-2024-6389 was published Sep 12, 2024
The Web Frontend of KNIME Business Hub before 1.4.0 allows an unauthenticated remote attacker to... Moderate Unreviewed
CVE-2023-2541 was published Jun 7, 2023
Full Path Disclosure vulnerability in AdmirorFrames Joomla! extension in afHelper.php script... Moderate Unreviewed
CVE-2024-5735 was published Jul 3, 2024
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 displays version information in HTTP... Moderate Unreviewed
CVE-2024-39740 was published Jul 15, 2024
Windows Kernel Information Disclosure Vulnerability Moderate Unreviewed
CVE-2021-31955 was published May 24, 2022
netplan leaks the private key of wireguard to local users. A security fix will be released soon. Moderate Unreviewed
CVE-2022-4968 was published Jun 7, 2024
Marco Trevisan discovered that the Ubuntu Advantage Desktop Daemon, before version 1.12, leaks... Moderate Unreviewed
CVE-2024-6388 was published Jun 27, 2024
An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE... Moderate Unreviewed
CVE-2023-50180 was published May 14, 2024
MongoDB Ops Manager Diagnostics Archive may not redact sensitive PEM key file password app... Moderate Unreviewed
CVE-2023-0342 was published Jun 9, 2023
A valid authenticated Lenovo XClarity Administrator (LXCA) user can potentially leverage an... Moderate Unreviewed
CVE-2023-4605 was published Apr 5, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database