GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,096
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,654
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
8,836 advisories
Filter by severity
Synapse does not apply enough checks to servers requesting auth events of events in a room
High
CVE-2022-39335
was published
for
matrix-synapse
(pip)
May 24, 2023
openstack-heat may disclose sensitive information
Moderate
CVE-2024-7319
was published
for
openstack-heat
(pip)
Aug 2, 2024
Adding a private/unlisted room to a community exposes room metadata in an unauthorised manner.
Low
CVE-2021-39163
was published
for
matrix-synapse
(pip)
Sep 1, 2021
Improper authorisation of members discloses room membership to non-members
Low
CVE-2021-39164
was published
for
matrix-synapse
(pip)
Sep 1, 2021
Exposure of Sensitive Information to an Unauthorized Actor in httpie
Moderate
CVE-2022-24737
was published
for
httpie
(pip)
Mar 7, 2022
Exposure of sensitive information to an unauthorized actor in HyperKitty
High
CVE-2021-33038
was published
for
HyperKitty
(pip)
Jun 1, 2021
"IBM Robotic Process Automation 21.0.1 and 21.0.2 could disclose sensitive version information...
Moderate
Unreviewed
CVE-2022-38710
was published
Nov 4, 2022
Exposure of Sensitive information in httpie
Low
CVE-2022-0430
was published
for
httpie
(pip)
Mar 16, 2022
IBM i Access Client Solutions (ACS) 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.4 is vulnerable...
Moderate
Unreviewed
CVE-2024-22318
was published
Feb 9, 2024
IBM AIX 7.2, 7.3, VIOS 3.1's OpenSSH implementation could allow a non-privileged local user to...
Moderate
Unreviewed
CVE-2023-40371
was published
Aug 24, 2023
Home Assistant information disclosure vulnerability
High
CVE-2018-21019
was published
for
homeassistant
(pip)
May 24, 2022
Home Assistant vulnerable to account takeover via auth_callback login
Moderate
CVE-2023-41893
was published
for
homeassistant
(pip)
Oct 26, 2023
A flaw was found in QEMU, in the virtio-scsi, virtio-blk, and virtio-crypto devices. The size for...
Low
Unreviewed
CVE-2024-8612
was published
Sep 20, 2024
FreeIPA logs passwords embedded in commands in calls using batch
Moderate
CVE-2019-10195
was published
for
freeipa
(pip)
May 24, 2022
Exposure of Sensitive Information in EVE-SRP
Moderate
CVE-2020-36660
was published
for
EVE-SRP
(pip)
Feb 6, 2023
OMFLOW from The SYSCOM Group has an information leakage vulnerability, allowing unauthorized...
High
Unreviewed
CVE-2024-8777
was published
Sep 16, 2024
ZITADEL Allows Unauthorized Access After Organization or Project Deactivation
Moderate
CVE-2024-47060
was published
for
github.com/zitadel/zitadel/v2
(Go)
Sep 19, 2024
Mautic allows users enumeration due to weak password login
Moderate
CVE-2024-47059
was published
for
mautic/core
(Composer)
Sep 18, 2024
Vite's `server.fs.deny` is bypassed when using `?import&raw`
Moderate
CVE-2024-45811
was published
for
vite
(npm)
Sep 17, 2024
Hoverfly allows an arbitrary file read in the `/api/v2/simulation` endpoint (`GHSL-2023-274`)
High
CVE-2024-45388
was published
for
github.com/spectolabs/hoverfly
(Go)
Sep 3, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Utarit Information...
High
Unreviewed
CVE-2024-3305
was published
Sep 12, 2024
An information disclosure vulnerability exists in Brocade SANnav before v2.3.1 and v2.3.0a when...
High
Unreviewed
CVE-2024-29968
was published
Apr 19, 2024
Docker instances in Brocade SANnav before v2.3.1 and v2.3.0a have an insecure architecture and...
Moderate
Unreviewed
CVE-2024-29964
was published
Apr 19, 2024
Brocade Fabric OS before Brocade Fabric OS v9.1.1c, v9.2.0 contains a vulnerability when using...
Moderate
Unreviewed
CVE-2023-31429
was published
Aug 1, 2023
Exposure of information intended to be encrypted by some Zoom clients may lead to disclosure of...
High
Unreviewed
CVE-2023-36539
was published
Jun 30, 2023
ProTip!
Advisories are also available from the
GraphQL API