GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,096
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,654
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
8,836 advisories
Filter by severity
Apache Superset: Improper error handling on alerts
Moderate
CVE-2024-27315
was published
for
apache-superset
(pip)
Feb 28, 2024
OpenTofu potential leaking of secret variable values when using static evaluation in v1.8
Low
GHSA-wpr2-j6gr-pjw9
was published
for
github.com/opentofu/opentofu
(Go)
Oct 3, 2024
An issue has been discovered in GitLab affecting all versions before 16.6.6, 16.7 prior to 16.7.4...
Moderate
Unreviewed
CVE-2023-5612
was published
Jan 26, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.0 before 16...
Low
Unreviewed
CVE-2023-5831
was published
Nov 6, 2023
An issue has been discovered in GitLab EE affecting all versions starting from 14.3 before 16.0.8...
High
Unreviewed
CVE-2023-3993
was published
Aug 2, 2023
An information disclosure issue in GitLab CE/EE affecting all versions from 16.0 prior to 16.0.6,...
Moderate
Unreviewed
CVE-2023-3362
was published
Jul 13, 2023
An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.8,...
Moderate
Unreviewed
CVE-2023-4532
was published
Sep 29, 2023
An issue has been discovered in GitLab affecting all versions starting from 10.6 before 16.2.8,...
Moderate
Unreviewed
CVE-2023-3979
was published
Sep 29, 2023
An issue has been discovered in GitLab affecting all versions starting from 11.3 before 16.4.3,...
Moderate
Unreviewed
CVE-2023-3949
was published
Dec 1, 2023
An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.8,...
High
Unreviewed
CVE-2023-3413
was published
Sep 29, 2023
A sensitive information leak issue has been discovered in GitLab EE affecting all versions...
Moderate
Unreviewed
CVE-2023-3102
was published
Jul 21, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.1 prior to...
Low
Unreviewed
CVE-2023-2620
was published
Jul 13, 2023
An issue has been discovered in GitLab DAST scanner affecting all versions starting from 3.0.29...
Moderate
Unreviewed
CVE-2023-1401
was published
Jul 26, 2023
An issue has been discovered in GitLab affecting all versions starting from 12.9 before 16.0.8,...
Moderate
Unreviewed
CVE-2023-1210
was published
Aug 2, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 16...
Moderate
Unreviewed
CVE-2023-4378
was published
Sep 1, 2023
An issue has been discovered in GitLab affecting all versions starting from 10.6 before 16.1.5,...
Moderate
Unreviewed
CVE-2023-4630
was published
Sep 11, 2023
An information disclosure issue in GitLab CE/EE affecting all versions prior to 16.2.8, 16.3...
Moderate
Unreviewed
CVE-2023-0989
was published
Sep 29, 2023
The vulnerability exists in CP-Plus NVR due to an improper input handling at the web-based...
High
Unreviewed
CVE-2023-3705
was published
Aug 24, 2023
Jenkins Credentials plugin reveals encrypted values of credentials to users with Extended Read permission
Moderate
CVE-2024-47805
was published
for
org.jenkins-ci.plugins:credentials
(Maven)
Oct 2, 2024
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6...
High
Unreviewed
CVE-2023-39289
was published
Aug 26, 2023
Maven Archetype Plugin: Maven Archetype integration-test may package local settings into the published artifact, possibly containing credentials
Low
CVE-2024-47197
was published
for
org.apache.maven.plugins:maven-archetype-plugin
(Maven)
Sep 26, 2024
Liferay Portal vulnerable to user impersonation
High
CVE-2024-25148
was published
for
com.liferay.portal:release.dxp.bom
(Maven)
Feb 8, 2024
A vulnerability in a logging function of Cisco Nexus Dashboard Insights could allow an attacker...
Moderate
Unreviewed
CVE-2024-20491
was published
Oct 2, 2024
A vulnerability in a logging function of Cisco Nexus Dashboard Fabric Controller (NDFC) and Cisco...
Moderate
Unreviewed
CVE-2024-20490
was published
Oct 2, 2024
Exposure of Sensitive Information to an unauthorized actor vulnerability in MB Connect Lines...
Moderate
Unreviewed
CVE-2023-1779
was published
Jul 6, 2023
ProTip!
Advisories are also available from the
GraphQL API