Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,900
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

196 advisories

Loading
ONTAP Mediator versions prior to 1.7 are susceptible to a vulnerability that can allow an... Moderate Unreviewed
CVE-2023-27319 was published Dec 22, 2023
IBM Security Guardium Key Lifecycle Manager 4.3 could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2023-47703 was published Dec 20, 2023
IBM UrbanCode Deploy (UCD) 7.1 through 7.1.2.14, 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2... Moderate Unreviewed
CVE-2023-42013 was published Dec 20, 2023
Due to improper error handling, a REST API resource could expose a server side error containing... Moderate Unreviewed
CVE-2023-6839 was published Dec 15, 2023
Kaifa Technology WebITR is an online attendance system. A remote attacker with regular user... Moderate Unreviewed
CVE-2023-48393 was published Dec 15, 2023
IBM System Storage Virtualization Engine TS7700 3957-VEC, 3948-VED and 3957-VEC could allow a... Moderate Unreviewed
CVE-2023-49878 was published Dec 13, 2023
jupyter-server errors include tracebacks with path information Moderate
CVE-2023-49080 was published for jupyter-server (pip) Dec 5, 2023
krsecu
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2023-43021 was published Dec 1, 2023
pimcore/admin-ui-classic-bundle Full Path Disclosure via re-export document Moderate
CVE-2023-47636 was published for pimcore/admin-ui-classic-bundle (Composer) Nov 15, 2023
xcapri
The response messages received from the eSOMS report generation using certain parameter queries... Moderate Unreviewed
CVE-2023-5514 was published Nov 1, 2023
IBM Security Verify Privilege On-Premises 11.5 could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2022-43891 was published Oct 17, 2023
The Defender Security WordPress plugin before 4.1.0 does not prevent redirects to the login page... Moderate Unreviewed
CVE-2023-5089 was published Oct 16, 2023
The Vrm 360 3D Model Viewer WordPress plugin through 1.2.1 exposes the full path of a file when... Moderate Unreviewed
CVE-2023-5177 was published Oct 16, 2023
Google Sheets data source plugin for Grafana information disclosure vulnerability Moderate
CVE-2023-4457 was published for github.com/grafana/google-sheets-datasource (Go) Oct 16, 2023
SAP Business One (B1i) - version 10.0, allows an authorized attacker to retrieve the details... Moderate Unreviewed
CVE-2023-41365 was published Oct 10, 2023
A flaw was found in Red Hat's AMQ-Streams, which ships a version of the OKHttp component with an... Moderate Unreviewed
CVE-2023-0833 was published Sep 27, 2023
A vulnerability has been identified in QMS Automotive (All versions < V12.39). The affected... Moderate Unreviewed
CVE-2023-40725 was published Sep 14, 2023
Due to the lack of validation, SAP BusinessObjects Business Intelligence Platform (Version... Moderate Unreviewed
CVE-2023-37489 was published Sep 14, 2023
Apache Superset may expose internal traces on REST API endpoints Moderate
CVE-2023-39264 was published for apache-superset (pip) Sep 6, 2023
An information disclosure vulnerability exists in the OAS Engine configuration management... Moderate Unreviewed
CVE-2023-35124 was published Sep 5, 2023
IBM Security Verify Information Queue 10.0.4 and 10.0.5 could allow a remote attacker to obtain... Moderate Unreviewed
CVE-2023-33834 was published Aug 31, 2023
IBM Security Guardium Data Encryption (IBM Guardium Cloud Key Manager (GCKM) 1.10.3)) could allow... Moderate Unreviewed
CVE-2023-26272 was published Aug 28, 2023
e-Excellence U-Office Force generates an error message in webiste service. An unauthenticated... Moderate Unreviewed
CVE-2023-32755 was published Aug 25, 2023
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 could allow a remote attacker to obtain system... Moderate Unreviewed
CVE-2023-35009 was published Aug 17, 2023
Jenkins Folders Plugin information disclosure vulnerability Moderate
CVE-2023-40338 was published for org.jenkins-ci.plugins:cloudbees-folder (Maven) Aug 16, 2023
ProTip! Advisories are also available from the GraphQL API