GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
103 advisories
CSRF tokens leaked in URL by canned query form
Moderate | GHSA-q6j3-c4wc-63vw was published for datasette (pip) | Aug 11, 2020

Potential API key leak
Moderate | GHSA-63rq-p8fp-524q was published for sopel-modules.weather (pip) | Apr 13, 2021

Exposure of Sensitive Information to an Unauthorized Actor in OpenStack tripleo-heat-templates
Moderate | CVE-2021-4180 was published for tripleo-heat-templates (pip) | Mar 24, 2022

Exposure of Sensitive Information to an Unauthorized Actor in Products.PluggableAuthService ZODBRoleManager
Moderate | CVE-2021-21336 was published for Products.PluggableAuthService (pip) | Mar 8, 2021

OMERO.web exposes some unnecessary session information in the page
Moderate | CVE-2021-21376 was published for omero-web (pip) | Mar 23, 2021

Information disclosure vulnerability in OnionShare
Moderate | CVE-2021-41867 was published for onionshare-cli (pip) | Nov 19, 2021

OpenStack Compute (Nova) Exposure of Sensitive Information to an Unauthorized Actor vulnerability
Moderate | CVE-2014-3517 was published for nova (pip) | May 14, 2022

Exposure of Sensitive Information in Plone
Moderate | CVE-2012-5508 was published for Plone (pip) | May 17, 2022

OpenStack Cinder Exposure of Sensitive Information to an Unauthorized Actor vulnerability
Moderate | CVE-2014-3641 was published for cinder (pip) | May 17, 2022

OpenStack Image Service (Glance) allows remote authenticated users to read arbitrary file
Moderate | CVE-2015-5163 was published for glance (pip) | May 17, 2022

OMERO-web Sensitive Data Exposure
Moderate | CVE-2020-7932 was published for omero-web (pip) | May 24, 2022

OpenStack Object Storage (Swift) Sensitive Data Exposure
Moderate | CVE-2015-5223 was published for swift (pip) | May 14, 2022

Weblate user account enumeration via reset password form
Moderate | CVE-2017-5537 was published for weblate (pip) | May 17, 2022

Plone User account enumeration via crafted URL
Moderate | CVE-2012-5497 was published for plone (pip) | May 17, 2022

aptdaemon Information Disclosure via Improper Input Validation in Transaction class
Moderate | CVE-2020-15703 was published for aptdaemon (pip) | May 24, 2022

Roundup sensitive data disclosure vulnerability
Moderate | CVE-2014-6276 was published for roundup (pip) | May 17, 2022

OpenStack Swift Discloses Secret URLs to Timing Attack
Moderate | CVE-2014-0006 was published for swift (pip) | May 17, 2022

Plone Filesystem path information leak
Moderate | CVE-2013-7060 was published for plone (pip) | May 17, 2022

Plone is vulnerable to information exposure via the object manager implementation
Moderate | CVE-2013-4196 was published for plone (pip) | May 17, 2022

Plone is vulnerable to Information Exposure when generating zip archives
Moderate | CVE-2013-4191 was published for plone (pip) | May 17, 2022

Exposure of Sensitive Information to an Unauthorized Actor in Requests
Moderate | CVE-2014-1830 was published for requests (pip) | May 14, 2022

Exposure of Sensitive Information to an Unauthorized Actor in Requests
Moderate | CVE-2014-1829 was published for requests (pip) | May 17, 2022

ProTip! Advisories are also available from the GraphQL API.