GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,094
Erlang
29
GitHub Actions
19
Go
1,920
Maven
5,000+
npm
3,648
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
822
Swift
35
Unreviewed advisories
All unreviewed
5,000+
286 advisories
Filter by severity
Sensitive Information in Error Messages in Apache Airflow
Moderate
CVE-2023-25695
was published
for
apache-airflow
(pip)
Mar 15, 2023
Saleor has Staff-Authenticated Error Message Information Disclosure Vulnerability via Python Exceptions
Moderate
CVE-2023-26051
was published
for
Saleor
(pip)
Mar 3, 2023
Saleor Unauthenticated Information Disclosure Vulnerability via Python Exceptions
Low
CVE-2023-26052
was published
for
saleor
(pip)
Mar 2, 2023
IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.2.0 through 3.2.7...
High
Unreviewed
CVE-2020-5026
was published
Mar 2, 2023
Apache Airflow AWS Provider Generates Error Message Containing Sensitive Information
High
CVE-2023-25956
was published
for
apache-airflow-providers-amazon
(pip)
Feb 24, 2023
SonicWall Email Security contains a vulnerability that could permit a remote unauthenticated...
Moderate
Unreviewed
CVE-2023-0655
was published
Feb 14, 2023
Wyse Management Suite Repository 3.8 and below contain an information disclosure vulnerability. A...
Moderate
Unreviewed
CVE-2022-46675
was published
Feb 11, 2023
Alotcer - AR7088H-A firmware version 16.10.3 Information disclosure. Unspecified error message...
Moderate
Unreviewed
CVE-2022-46371
was published
Jan 12, 2023
PgHero Allows Information Disclosure Through EXPLAIN Feature
High
CVE-2023-22626
was published
for
pghero
(RubyGems)
Jan 5, 2023
FrameworkUserBundle Generates Error Message Containing Sensitive Information
High
CVE-2015-10012
was published
for
sumocoders/framework-user-bundle
(Composer)
Jan 3, 2023
IBM Security Verify Governance, Identity Manager 10.01 could allow a remote attacker to obtain...
Moderate
Unreviewed
CVE-2022-22449
was published
Dec 24, 2022
When importing resources using Web Workers, error messages would distinguish the difference...
Moderate
Unreviewed
CVE-2022-22760
was published
Dec 22, 2022
ghinstallation returns app JWT in error responses
Moderate
CVE-2022-39304
was published
for
github.com/bradleyfalzon/ghinstallation
(Go)
Dec 19, 2022
Generation of Error Message Containing Sensitive Information vulnerability in Hitachi JP1...
Low
Unreviewed
CVE-2022-34881
was published
Dec 6, 2022
The application allowed for Unauthenticated User Enumeration by interacting with an unsecured...
Moderate
Unreviewed
CVE-2022-40292
was published
Nov 1, 2022
Stimulsoft (aka Stimulsoft Reports) 2013.1.1600.0, when Compilation Mode is used, allows an...
Critical
Unreviewed
CVE-2021-42777
was published
Oct 29, 2022
In affected versions of Octopus Server it is possible to reveal the existence of resources in a...
Moderate
Unreviewed
CVE-2022-2508
was published
Oct 27, 2022
Sensitive information could be displayed when a detailed technical error message is posted. This...
Moderate
Unreviewed
CVE-2022-38107
was published
Oct 20, 2022
Kirby CMS vulnerable to user enumeration in the brute force protection
Moderate
CVE-2022-39315
was published
for
getkirby/cms
(Composer)
Oct 18, 2022
In affected versions of Octopus Deploy it is possible to reveal the Space ID of spaces that the...
Moderate
Unreviewed
CVE-2022-2760
was published
Sep 29, 2022
Information Exposure Through an Error Message vulnerability in Hitachi RAID Manager Storage...
Moderate
Unreviewed
CVE-2022-34882
was published
Sep 7, 2022
Incorrect implementation of lockout feature in Keycloak
High
CVE-2021-3513
was published
for
org.keycloak:keycloak-parent
(Maven)
Aug 23, 2022
IBM Sterling File Gateway 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6...
Moderate
Unreviewed
CVE-2021-39086
was published
Aug 17, 2022
Dell Wyse Management Suite 3.6.1 and below contains Information Disclosure in Devices error pages...
High
Unreviewed
CVE-2022-33930
was published
Aug 11, 2022
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive...
High
Unreviewed
CVE-2022-35715
was published
Aug 11, 2022
ProTip!
Advisories are also available from the
GraphQL API