GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,233
Erlang
31
GitHub Actions
20
Go
1,992
Maven
5,000+
npm
3,709
NuGet
661
pip
3,346
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
305 advisories
Filter by severity
A remote code execution vulnerability affecting a Valmet DNA service listening on TCP port 1517,...
High
Unreviewed
CVE-2021-26726
was published
Feb 17, 2022
Generation of Error Message Containing Sensitive Information in postgresql
Moderate
Unreviewed
CVE-2021-3393
was published
Feb 15, 2022
Wildfly logs plaintext passwords
Moderate
CVE-2020-25640
was published
for
org.wildfly:wildfly-parent
(Maven)
Feb 15, 2022
Generation of Error Message Containing Sensitive Information in Keycloak
Low
CVE-2020-1717
was published
for
org.keycloak:keycloak-parent
(Maven)
Feb 9, 2022
Generation of Error Message Containing Sensitive Information in microweber
Moderate
CVE-2022-0504
was published
for
microweber/microweber
(Composer)
Feb 9, 2022
Hitachi Energy LinkOne product, has a vulnerability due to a web server misconfiguration, that...
Moderate
Unreviewed
CVE-2021-40338
was published
Jan 29, 2022
User enumeration in livehelperchat
Moderate
CVE-2022-0083
was published
for
remdex/livehelperchat
(Composer)
Jan 21, 2022
A Generation of Error Message Containing Sensitive Information vulnerability in the CLI of...
High
Unreviewed
CVE-2022-22162
was published
Jan 20, 2022
IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 could allow a remote attacker to obtain...
Moderate
Unreviewed
CVE-2021-38894
was published
Jan 11, 2022
showdoc is vulnerable to Generation of Error Message Containing Sensitive Information
Moderate
CVE-2022-0079
was published
for
showdoc/showdoc
(Composer)
Jan 6, 2022
livehelperchat is vulnerable to Generation of Error Message Containing Sensitive Information
Moderate
Unreviewed
CVE-2021-4177
was published
Dec 29, 2021
An issue was discovered in /goform/login_process in Reprise RLM 14.2. When an attacker attempts...
Moderate
Unreviewed
CVE-2021-44155
was published
Dec 14, 2021
Using XMLHttpRequest, an attacker could have identified installed applications by probing error...
Moderate
Unreviewed
CVE-2021-43542
was published
Dec 9, 2021
IBM Tivoli Key Lifecycle Manager (IBM Security Guardium Key Lifecycle Manager) 3.0, 3.0.1, 4.0,...
Moderate
Unreviewed
CVE-2021-38980
was published
Nov 24, 2021
Exposure of Sensitive Information to an Unauthorized Actor
Moderate
CVE-2021-32712
was published
for
shopware/shopware
(Composer)
Sep 8, 2021
Generation of Error Message Containing Sensitive Information in RESTEasy client
Moderate
CVE-2020-25633
was published
for
org.jboss.resteasy:resteasy-client
(Maven)
Jun 3, 2021
Information leakage in Error Handler
Moderate
GHSA-9vxv-wpv4-f52p
was published
for
shopware/shopware
(Composer)
May 21, 2021
Action Pack contains Information Disclosure / Unintended Method Execution vulnerability
High
CVE-2021-22885
was published
for
actionpack
(RubyGems)
May 5, 2021
Exposure of class information in RESTEasy
Moderate
CVE-2021-20289
was published
for
org.jboss.resteasy:resteasy-core
(Maven)
Apr 7, 2021
ApiKey secret could be revelated on network issue
High
CVE-2021-21421
was published
for
node-etsy-client
(npm)
Apr 6, 2021
Potential sensitive information disclosed in error reports
Low
CVE-2021-21416
was published
for
django-registration
(pip)
Apr 6, 2021
Information Exposure in type-graphql
Low
GHSA-xf64-2f9p-6pqq
was published
for
type-graphql
(npm)
Sep 4, 2020
Reset Password / Login vulnerability in Sulu
Moderate
CVE-2020-15132
was published
for
sulu/sulu
(Composer)
Aug 5, 2020
Authorization header is not sanitized in an error object in auth0
High
CVE-2020-15125
was published
for
auth0
(npm)
Jul 29, 2020
Exceptions displayed in non-debug configurations in Symfony
Moderate
CVE-2020-5274
was published
for
symfony/error-handler
(Composer)
Mar 30, 2020
ProTip!
Advisories are also available from the
GraphQL API