GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,270
Erlang
31
GitHub Actions
21
Go
2,046
Maven
5,000+
npm
3,737
NuGet
663
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
986 advisories
Filter by severity
The InfiniteWP Client plugin for WordPress is vulnerable to Sensitive Information Exposure in...
Moderate
Unreviewed
CVE-2023-2916
was published
Aug 21, 2023
Exposure of Sensitive Information vulnerability in AcyMailing Enterprise component for Joomla. It...
Moderate
Unreviewed
CVE-2023-39974
was published
Aug 17, 2023
Dell Storage Integration Tools for VMware (DSITV) 06.01.00.016 contain an information disclosure...
Moderate
Unreviewed
CVE-2023-39250
was published
Aug 16, 2023
Vulnerability of input parameters being not strictly verified in the AMS module. Successful...
High
Unreviewed
CVE-2023-39383
was published
Aug 13, 2023
An information leak in PHPJabbers Yacht Listing Script v1.0 allows attackers to export clients'...
High
Unreviewed
CVE-2023-38830
was published
Aug 10, 2023
Exposure of sensitive information in Zoom Client SDK's before 5.15.5 may allow an authenticated...
High
Unreviewed
CVE-2023-39214
was published
Aug 9, 2023
ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to obtain sensitive information...
High
Unreviewed
CVE-2023-38955
was published
Aug 3, 2023
Some API routes exists in Control ID IDSecure 4.7.26.0 and prior, exfiltrating sensitive...
Moderate
Unreviewed
CVE-2023-33368
was published
Aug 3, 2023
In CODESYS Development System 3.5.9.0 to 3.5.17.0 and CODESYS Scripting 4.0.0.0 to 4.1.0.0 unsafe...
High
Unreviewed
CVE-2023-3670
was published
Jul 28, 2023
Secret displayed without masking by Chef Identity Plugin
Low
CVE-2023-39155
was published
for
org.jenkins-ci.plugins:chef-identity
(Maven)
Jul 26, 2023
An issue has been discovered in GitLab DAST scanner affecting all versions starting from 3.0.29...
Moderate
Unreviewed
CVE-2023-1401
was published
Jul 26, 2023
An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is an...
High
Unreviewed
CVE-2022-46901
was published
Jul 25, 2023
Apache InLong: General user can delete and update process
Moderate
CVE-2023-34189
was published
for
org.apache.inlong:inlong-manager
(Maven)
Jul 25, 2023
eyoucms v1.6.3 was discovered to contain an information disclosure vulnerability via the...
Moderate
Unreviewed
CVE-2023-37645
was published
Jul 21, 2023
Nomad Caller ACL Token’s Secret ID is Exposed to Sentinel
Low
CVE-2023-3299
was published
for
github.com/hashicorp/nomad
(Go)
Jul 20, 2023
An issue in Archer Platform before v.6.13 and fixed in 6.12.0.6 and 6.13.0 allows an...
Moderate
Unreviewed
CVE-2023-32759
was published
Jul 14, 2023
An issue in Archer Platform before v.6.13 fixed in v.6.12.0.6 and v.6.13.0 allows an...
Moderate
Unreviewed
CVE-2023-32760
was published
Jul 14, 2023
An issue in issabel-pbx v.4.0.0-6 allows a remote attacker to obtain sensitive information via...
High
Unreviewed
CVE-2023-37599
was published
Jul 14, 2023
Insecure temporary file in the installer for Zoom Rooms before version 5.15.0 may allow an...
High
Unreviewed
CVE-2023-34119
was published
Jul 11, 2023
An issue found in Marukyu Line v.13.4.1 allows a remote attacker to gain access to sensitive...
High
Unreviewed
CVE-2023-31818
was published
Jul 11, 2023
A security defect was discovered in Foundry job-tracker that enabled users to query metadata...
Moderate
Unreviewed
CVE-2023-30960
was published
Jul 11, 2023
Exposure of Sensitive Information to an Unauthorized Actor in the SICK ICR890-4 could allow an...
High
Unreviewed
CVE-2023-3270
was published
Jul 10, 2023
Unauthenticated endpoints in the SICK ICR890-4 could allow an unauthenticated
remote attacker to...
High
Unreviewed
CVE-2023-35696
was published
Jul 10, 2023
Apache InLong Exposure of Resource to Wrong Sphere vulnerability
High
CVE-2023-31103
was published
for
org.apache.inlong:manager-dao
(Maven)
Jul 6, 2023
Apache InLong Exposure of Resource to Wrong Sphere vulnerability
High
CVE-2023-31206
was published
for
org.apache.inlong:manager-dao
(Maven)
Jul 6, 2023
ProTip!
Advisories are also available from the
GraphQL API