GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
994 advisories
Caddy allows enumeration of Certificates and Hostnames
Low. CVE-2018-19148 was published for github.com/caddyserver/caddy (Go) on May 14, 2022.

A vulnerability classified as problematic has been found in Zhejiang Land Zongheng Network...
Low. Unreviewed. CVE-2024-3689 was published on Apr 12, 2024.

Kopia: Storage connection credentials written to console on "repository status" CLI command with JSON output
Low. GHSA-j5vm-7qcc-2wwg was published for github.com/kopia/kopia (Go) on Apr 10, 2024.

An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in...
Low. Unreviewed. CVE-2023-37939 was published on Oct 10, 2023.

Exposure of Sensitive Information vulnerability in InboundSmsHandler prior to SMR Sep-2023...
Low. Unreviewed. CVE-2023-30719 was published on Sep 6, 2023.

Filebeat versions through 7.17.9 and 8.6.2 have a flaw in httpjson input that allows the http...
Low. Unreviewed. CVE-2023-31413 was published on May 4, 2023.

Information Leakage in PPPoE Packet Padding in AVM Fritz!Box 7490 with Firmware versions Fritz!OS...
Low. Unreviewed. CVE-2017-8087 was published on May 24, 2022.

In WiFi, the RSSI value and SSID information is broadcast as part of android.net.wifi.RSSI_CHANGE...
Low. Unreviewed. CVE-2018-9581 was published on May 24, 2022.

cPanel before 64.0.21 allows demo accounts to read files via a Fileman::getfileactions API2 call ...
Low. Unreviewed. CVE-2017-18436 was published on May 24, 2022.

In cPanel before 66.0.2, Apache HTTP Server domlogs become temporarily world-readable during log...
Low. Unreviewed. CVE-2017-18428 was published on May 24, 2022.

In cPanel before 66.0.2, the Apache HTTP Server configuration file is changed to world-readable...
Low. Unreviewed. CVE-2017-18424 was published on May 24, 2022.

cPanel before 68.0.15 allows attackers to read backup files because they are world-readable...
Low. Unreviewed. CVE-2017-18391 was published on May 24, 2022.

cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval...
Low. Unreviewed. CVE-2018-20942 was published on May 24, 2022.

cPanel before 68.0.27 allows attackers to read zone information because a world-readable archive...
Low. Unreviewed. CVE-2018-20946 was published on May 24, 2022.

cPanel before 68.0.27 allows attackers to read a copy of httpd.conf that is created during a...
Low. Unreviewed. CVE-2018-20944 was published on May 24, 2022.

cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval...
Low. Unreviewed. CVE-2018-20943 was published on May 24, 2022.

cPanel before 68.0.27 allows a user to discover contents of directories (that are not owned by...
Low. Unreviewed. CVE-2018-20939 was published on May 24, 2022.

cPanel before 74.0.0 makes web-site contents accessible to other local users via Git repositories...
Low. Unreviewed. CVE-2018-20894 was published on May 24, 2022.

IBM BigFix Platform 9.2 and 9.5 stores potentially sensitive information in process memory that...
Low. Unreviewed. CVE-2018-2005 was published on May 24, 2022.

In Quarkus, git credentials could be inadvertently published
Low. CVE-2024-1979 was published for io.quarkus:quarkus-kubernetes-deployment (Maven) on Mar 13, 2024.

** DISPUTED ** On BC Vault devices, a side channel for the row-based SSD1309 OLED display was...
Low. Unreviewed. CVE-2019-14359 was published on May 24, 2022.

** DISPUTED ** On Mooltipass Mini devices, a side channel for the row-based OLED display was...
Low. Unreviewed. CVE-2019-14357 was published on May 24, 2022.

** DISPUTED ** On ShapeShift KeepKey devices, a side channel for the row-based OLED display was...
Low. Unreviewed. CVE-2019-14355 was published on May 24, 2022.

__btrfs_free_extent in fs/btrfs/extent-tree.c in the Linux kernel through 5.3.12 calls...
Low. Unreviewed. CVE-2019-19039 was published on May 24, 2022.

Unauthenticated views may expose information to anonymous users
Low. CVE-2024-29199 was published for nautobot (pip) on Mar 26, 2024.