GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
23 advisories
Exposure of secrets through system log in Jenkins Structs Plugin
Low | CVE-2024-39458 was published for org.jenkins-ci.plugins:structs (Maven) Jun 26, 2024

HCL Sametime is impacted by the error messages containing sensitive information. An attacker can...
Low | Unreviewed | CVE-2023-50355 was published Oct 24, 2024

open-webui allows enumeration of file names and traversal of directories by observing the error messages
Low | CVE-2024-7038 was published for open-webui (pip) Oct 9, 2024

Potential sensitive information disclosed in error reports
Low | CVE-2021-21416 was published for django-registration (pip) Apr 6, 2021

In versions of Akana API Platform prior to 2024.1.0 overly verbose errors can be found in SAML...
Low | Unreviewed | CVE-2024-5250 was published Jul 30, 2024

An implementation issue in the Connectivity Standards Alliance Matter 1.2 protocol as used in the...
Low | Unreviewed | CVE-2024-3454 was published Jul 24, 2024

github.com/huandu/facebook may expose access_token in error message.
Low | CVE-2024-35232 was published for github.com/huandu/facebook/v2 (Go) May 24, 2024

Passbolt Api Retrieval of HTTP-only cookies
Low | GHSA-f5pp-pmq8-gp46 was published for passbolt/passbolt_api (Composer) May 20, 2024

IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 could allow a remote attacker to obtain...
Low | Unreviewed | CVE-2023-23474 was published May 3, 2024

Generation of Error Message Containing Sensitive Information in Keycloak
Low | CVE-2020-1717 was published for org.keycloak:keycloak-parent (Maven) Feb 9, 2022

In JetBrains Ktor before 2.3.1 headers containing authentication data could be added to the...
Low | Unreviewed | CVE-2023-34339 was published Jun 1, 2023

An issue has been discovered in GitLab affecting all versions starting with 7.1. A member of a...
Low | Unreviewed | CVE-2021-22193 was published May 24, 2022

IBM Security Verify Directory 10.0.0 could allow a remote attacker to obtain sensitive...
Low | Unreviewed | CVE-2022-32756 was published Mar 22, 2024

Saleor Unauthenticated Information Disclosure Vulnerability via Python Exceptions
Low | CVE-2023-26052 was published for saleor (pip) Mar 2, 2023

Generation of Error Message Containing Sensitive Information vulnerability in Hitachi JP1...
Low | Unreviewed | CVE-2022-34881 was published Dec 6, 2022

Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are...
Low | Unreviewed | CVE-2019-18947 was published May 24, 2022

If exploited, this vulnerability could allow attackers to gain sensitive information via...
Low | Unreviewed | CVE-2020-2505 was published May 24, 2022

The aptdaemon DBus interface disclosed file existence disclosure by setting Terminal...
Low | Unreviewed | CVE-2020-16128 was published May 24, 2022

PackageKit provided detailed error messages to unprivileged callers that exposed information...
Low | Unreviewed | CVE-2020-16121 was published May 24, 2022

In the Android kernel in the video driver there is a kernel pointer leak due to a WARN_ON...
Low | Unreviewed | CVE-2019-9455 was published May 24, 2022

Information Exposure in type-graphql
Low | GHSA-xf64-2f9p-6pqq was published for type-graphql (npm) Sep 4, 2020

Internal exception message exposure for login action in Sylius
Low | CVE-2019-16768 was published for sylius/sylius (Composer) Dec 5, 2019