Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,096
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,654
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+

8,836 advisories

Loading
Apache Superset: Improper error handling on alerts Moderate
CVE-2024-27315 was published for apache-superset (pip) Feb 28, 2024
oscerd
OpenTofu potential leaking of secret variable values when using static evaluation in v1.8 Low
GHSA-wpr2-j6gr-pjw9 was published for github.com/opentofu/opentofu (Go) Oct 3, 2024
An issue has been discovered in GitLab affecting all versions before 16.6.6, 16.7 prior to 16.7.4... Moderate Unreviewed
CVE-2023-5612 was published Jan 26, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.0 before 16... Low Unreviewed
CVE-2023-5831 was published Nov 6, 2023
An issue has been discovered in GitLab EE affecting all versions starting from 14.3 before 16.0.8... High Unreviewed
CVE-2023-3993 was published Aug 2, 2023
An information disclosure issue in GitLab CE/EE affecting all versions from 16.0 prior to 16.0.6,... Moderate Unreviewed
CVE-2023-3362 was published Jul 13, 2023
An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.8,... Moderate Unreviewed
CVE-2023-4532 was published Sep 29, 2023
An issue has been discovered in GitLab affecting all versions starting from 10.6 before 16.2.8,... Moderate Unreviewed
CVE-2023-3979 was published Sep 29, 2023
An issue has been discovered in GitLab affecting all versions starting from 11.3 before 16.4.3,... Moderate Unreviewed
CVE-2023-3949 was published Dec 1, 2023
An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.8,... High Unreviewed
CVE-2023-3413 was published Sep 29, 2023
A sensitive information leak issue has been discovered in GitLab EE affecting all versions... Moderate Unreviewed
CVE-2023-3102 was published Jul 21, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.1 prior to... Low Unreviewed
CVE-2023-2620 was published Jul 13, 2023
An issue has been discovered in GitLab DAST scanner affecting all versions starting from 3.0.29... Moderate Unreviewed
CVE-2023-1401 was published Jul 26, 2023
An issue has been discovered in GitLab affecting all versions starting from 12.9 before 16.0.8,... Moderate Unreviewed
CVE-2023-1210 was published Aug 2, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 16... Moderate Unreviewed
CVE-2023-4378 was published Sep 1, 2023
An issue has been discovered in GitLab affecting all versions starting from 10.6 before 16.1.5,... Moderate Unreviewed
CVE-2023-4630 was published Sep 11, 2023
An information disclosure issue in GitLab CE/EE affecting all versions prior to 16.2.8, 16.3... Moderate Unreviewed
CVE-2023-0989 was published Sep 29, 2023
The vulnerability exists in CP-Plus NVR due to an improper input handling at the web-based... High Unreviewed
CVE-2023-3705 was published Aug 24, 2023
Jenkins Credentials plugin reveals encrypted values of credentials to users with Extended Read permission Moderate
CVE-2024-47805 was published for org.jenkins-ci.plugins:credentials (Maven) Oct 2, 2024
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6... High Unreviewed
CVE-2023-39289 was published Aug 26, 2023
Maven Archetype Plugin: Maven Archetype integration-test may package local settings into the published artifact, possibly containing credentials Low
CVE-2024-47197 was published for org.apache.maven.plugins:maven-archetype-plugin (Maven) Sep 26, 2024
Liferay Portal vulnerable to user impersonation High
CVE-2024-25148 was published for com.liferay.portal:release.dxp.bom (Maven) Feb 8, 2024
A vulnerability in a logging function of Cisco Nexus Dashboard Insights could allow an attacker... Moderate Unreviewed
CVE-2024-20491 was published Oct 2, 2024
A vulnerability in a logging function of Cisco Nexus Dashboard Fabric Controller (NDFC) and Cisco... Moderate Unreviewed
CVE-2024-20490 was published Oct 2, 2024
Exposure of Sensitive Information to an unauthorized actor vulnerability in MB Connect Lines... Moderate Unreviewed
CVE-2023-1779 was published Jul 6, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database