Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,900
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

21 advisories

Loading
Potential sensitive information disclosed in error reports Low
CVE-2021-21416 was published for django-registration (pip) Apr 6, 2021
martinmo tdunlap607
In versions of Akana API Platform prior to 2024.1.0 overly verbose errors can be found in SAML... Low Unreviewed
CVE-2024-5250 was published Jul 30, 2024
An implementation issue in the Connectivity Standards Alliance Matter 1.2 protocol as used in the... Low Unreviewed
CVE-2024-3454 was published Jul 24, 2024
github.com/huandu/facebook may expose access_token in error message. Low
CVE-2024-35232 was published for github.com/huandu/facebook/v2 (Go) May 24, 2024
seiyab
Passbolt Api Retrieval of HTTP-only cookies Low
GHSA-f5pp-pmq8-gp46 was published for passbolt/passbolt_api (Composer) May 20, 2024
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 could allow a remote attacker to obtain... Low Unreviewed
CVE-2023-23474 was published May 3, 2024
Generation of Error Message Containing Sensitive Information in Keycloak Low
CVE-2020-1717 was published for org.keycloak:keycloak-parent (Maven) Feb 9, 2022
In JetBrains Ktor before 2.3.1 headers containing authentication data could be added to the... Low Unreviewed
CVE-2023-34339 was published Jun 1, 2023
An issue has been discovered in GitLab affecting all versions starting with 7.1. A member of a... Low Unreviewed
CVE-2021-22193 was published May 24, 2022
IBM Security Verify Directory 10.0.0 could allow a remote attacker to obtain sensitive... Low Unreviewed
CVE-2022-32756 was published Mar 22, 2024
Flask-AppBuilder vulnerable to possible disclosure of sensitive information on user error Low
CVE-2023-34110 was published for Flask-AppBuilder (pip) Jun 22, 2023
msegoviag
Saleor Unauthenticated Information Disclosure Vulnerability via Python Exceptions Low
CVE-2023-26052 was published for saleor (pip) Mar 2, 2023
Generation of Error Message Containing Sensitive Information vulnerability in Hitachi JP1... Low Unreviewed
CVE-2022-34881 was published Dec 6, 2022
Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are... Low Unreviewed
CVE-2019-18947 was published May 24, 2022
If exploited, this vulnerability could allow attackers to gain sensitive information via... Low Unreviewed
CVE-2020-2505 was published May 24, 2022
The aptdaemon DBus interface disclosed file existence disclosure by setting Terminal... Low Unreviewed
CVE-2020-16128 was published May 24, 2022
PackageKit provided detailed error messages to unprivileged callers that exposed information... Low Unreviewed
CVE-2020-16121 was published May 24, 2022
In the Android kernel in the video driver there is a kernel pointer leak due to a WARN_ON... Low Unreviewed
CVE-2019-9455 was published May 24, 2022
Information Exposure in type-graphql Low
GHSA-xf64-2f9p-6pqq was published for type-graphql (npm) Sep 4, 2020
Internal exception message exposure for login action in Sylius Low
CVE-2019-16768 was published for sylius/sylius (Composer) Dec 5, 2019
Sensitive Data Exposure in seneca Low
CVE-2019-5483 was published for seneca (npm) Sep 11, 2019
ProTip! Advisories are also available from the GraphQL API