GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
8,915 advisories
backup-agoddard and backup_checksum have Information Exposure vulnerability
High | CVE-2014-4993 was published for backup-agoddard (RubyGems) | May 14, 2022

Fat Free CRM allows remote attackers to obtain sensitive information via a direct request
Moderate | CVE-2013-7224 was published for fat_free_crm (RubyGems) | May 17, 2022

Fat Free CRM vulnerable to Exposure of Sensitive Information
Moderate | CVE-2013-7249 was published for fat_free_crm (RubyGems) | May 17, 2022

Information disclosure issue in Active Resource
High | CVE-2020-8151 was published for activeresource (RubyGems) | May 21, 2020

rack-mini-profiler allows remote attackers to obtain sensitive information about allocated strings and objects
Moderate | CVE-2016-4442 was published for rack-mini-profiler (RubyGems) | Oct 24, 2017

rest-client allows local users to obtain sensitive information by reading the log
Low | CVE-2015-3448 was published for rest-client (RubyGems) | Oct 24, 2017

Exposure of Sensitive Information to an Unauthorized Actor in foreman_fog_proxmox
High | CVE-2021-20259 was published for foreman_fog_proxmox (RubyGems) | Jun 10, 2021

Authlogic Information Exposure vulnerability
Moderate | CVE-2012-6497 was published for authlogic (RubyGems) | May 14, 2022

kajam allows local users to obtain sensitive information by listing the process
High | CVE-2014-4999 was published for kajam (RubyGems) | May 14, 2022

lean-ruport allows local users to obtain sensitive information by listing the process
High | CVE-2014-4998 was published for lean-ruport (RubyGems) | May 14, 2022

VladTheEnterprising allows local users to obtain sensitive information by reading MySQL root password from temporary file
High | CVE-2014-4995 was published for VladTheEnterprising (RubyGems) | May 14, 2022

point-cli allows local users to obtain sensitive information by listing the process
High | CVE-2014-4997 was published for point-cli (RubyGems) | May 14, 2022

Initial debug-host handler implementation could leak information and facilitate denial of service
Moderate | GHSA-x477-fq37-q5wr was published for fortio.org/proxy (Go) | Jan 27, 2023

There is an information leakage vulnerability in FusionCompute 6.5.1, eCNS280_TD V100R005C00 and...
Moderate | Unreviewed | CVE-2021-37036 was published | Nov 24, 2021

In createAdminSupportIntent of DevicePolicyManagerService.java, there is a possible way to...
Low | Unreviewed | CVE-2021-0983 was published | Dec 16, 2021

Under certain conditions SAP Business Objects Business Intelligence Platform - versions 420, 430,...
Moderate | Unreviewed | CVE-2022-24398 was published | Mar 11, 2022

Information Leak Vulnerability exists in the Xiaomi Router AX6000. The vulnerability is caused by...
Moderate | Unreviewed | CVE-2020-14112 was published | Mar 11, 2022

Exposure of Sensitive Information to an Unauthorized Actor in FreeTAKServer-UI
High | CVE-2022-25512 was published for FreeTAKServer-UI (pip) | Mar 12, 2022

When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows...
Moderate | Unreviewed | CVE-2022-25248 was published | Mar 17, 2022

The WebReporting module in F-Secure Policy Manager 7.x, 8.00 before hotfix 2, 8.1x before hotfix...
Moderate | Unreviewed | CVE-2011-1103 was published | May 17, 2022

IBM WebSphere Portal 6.0.1.1 through 7.0.0.0, as used in IBM Lotus Web Content Management (WCM)...
Moderate | Unreviewed | CVE-2011-0679 was published | May 17, 2022

The BlackBerry PlayBook service on the Research In Motion (RIM) BlackBerry PlayBook tablet with...
High | Unreviewed | CVE-2011-0291 was published | May 17, 2022

Html-edit CMS 3.1.8 allows remote attackers to obtain sensitive information via a direct request...
Moderate | Unreviewed | CVE-2010-4611 was published | May 17, 2022

MyBB (aka MyBulletinBoard) before 1.4.12 does not properly handle a configuration with a visible...
Moderate | Unreviewed | CVE-2010-4625 was published | May 17, 2022

Linux kernel 2.6.33 and 2.6.34.y does not initialize the kvm_vcpu_events->interrupt.pad structure...
Low | Unreviewed | CVE-2010-4525 was published | May 17, 2022