Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

24 advisories

Loading
HCL Sametime is impacted by the error messages containing sensitive information. An attacker can... Low Unreviewed
CVE-2023-50355 was published Oct 24, 2024
open-webui allows enumeration of file names and traversal of directories by observing the error messages Low
CVE-2024-7038 was published for open-webui (pip) Oct 9, 2024
In versions of Akana API Platform prior to 2024.1.0 overly verbose errors can be found in SAML... Low Unreviewed
CVE-2024-5250 was published Jul 30, 2024
An implementation issue in the Connectivity Standards Alliance Matter 1.2 protocol as used in the... Low Unreviewed
CVE-2024-3454 was published Jul 24, 2024
Exposure of secrets through system log in Jenkins Structs Plugin Low
CVE-2024-39458 was published for org.jenkins-ci.plugins:structs (Maven) Jun 26, 2024
github.com/huandu/facebook may expose access_token in error message. Low
CVE-2024-35232 was published for github.com/huandu/facebook/v2 (Go) May 24, 2024
seiyab
Passbolt Api Retrieval of HTTP-only cookies Low
GHSA-f5pp-pmq8-gp46 was published for passbolt/passbolt_api (Composer) May 20, 2024
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 could allow a remote attacker to obtain... Low Unreviewed
CVE-2023-23474 was published May 3, 2024
IBM Security Verify Directory 10.0.0 could allow a remote attacker to obtain sensitive... Low Unreviewed
CVE-2022-32756 was published Mar 22, 2024
Flask-AppBuilder vulnerable to possible disclosure of sensitive information on user error Low
CVE-2023-34110 was published for Flask-AppBuilder (pip) Jun 22, 2023
msegoviag
In JetBrains Ktor before 2.3.1 headers containing authentication data could be added to the... Low Unreviewed
CVE-2023-34339 was published Jun 1, 2023
Saleor Unauthenticated Information Disclosure Vulnerability via Python Exceptions Low
CVE-2023-26052 was published for saleor (pip) Mar 2, 2023
Generation of Error Message Containing Sensitive Information vulnerability in Hitachi JP1... Low Unreviewed
CVE-2022-34881 was published Dec 6, 2022
An issue has been discovered in GitLab affecting all versions starting with 7.1. A member of a... Low Unreviewed
CVE-2021-22193 was published May 24, 2022
Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are... Low Unreviewed
CVE-2019-18947 was published May 24, 2022
If exploited, this vulnerability could allow attackers to gain sensitive information via... Low Unreviewed
CVE-2020-2505 was published May 24, 2022
The aptdaemon DBus interface disclosed file existence disclosure by setting Terminal... Low Unreviewed
CVE-2020-16128 was published May 24, 2022
PackageKit provided detailed error messages to unprivileged callers that exposed information... Low Unreviewed
CVE-2020-16121 was published May 24, 2022
In the Android kernel in the video driver there is a kernel pointer leak due to a WARN_ON... Low Unreviewed
CVE-2019-9455 was published May 24, 2022
Generation of Error Message Containing Sensitive Information in Keycloak Low
CVE-2020-1717 was published for org.keycloak:keycloak-parent (Maven) Feb 9, 2022
Potential sensitive information disclosed in error reports Low
CVE-2021-21416 was published for django-registration (pip) Apr 6, 2021
martinmo tdunlap607
Information Exposure in type-graphql Low
GHSA-xf64-2f9p-6pqq was published for type-graphql (npm) Sep 4, 2020
Internal exception message exposure for login action in Sylius Low
CVE-2019-16768 was published for sylius/sylius (Composer) Dec 5, 2019
Sensitive Data Exposure in seneca Low
CVE-2019-5483 was published for seneca (npm) Sep 11, 2019
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database