Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,939
Maven
5,000+
npm
3,677
NuGet
643
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

101 advisories

Loading
Plone vulnerable to unauthorized disclosure of site content Moderate
CVE-2016-4042 was published for Plone (pip) May 17, 2022
Plone is vulnerable to File System Path Exposure Moderate
CVE-2013-4194 was published for plone (pip) May 17, 2022
Plone Filesystem path information leak Moderate
CVE-2013-7060 was published for Products.CMFPlone (pip) May 17, 2022
Plone is vulnerable to Information Exposure when generating zip archives Moderate
CVE-2013-4191 was published for plone (pip) May 17, 2022
Exposure of Sensitive Information in Plone Moderate
CVE-2012-5508 was published for Plone (pip) May 17, 2022
Plone User account enumeration via crafted URL Moderate
CVE-2012-5497 was published for plone (pip) May 17, 2022
tdunlap607
Plone Information Disclosure Moderate
CVE-2012-5491 was published for Plone (pip) May 17, 2022
Gradio has several components with post-process steps allow arbitrary file leaks Moderate
CVE-2024-47868 was published for gradio (pip) Oct 10, 2024
ahpaleus Vasco-jofra
Plone Metadata Disclosure Moderate
CVE-2012-5492 was published for Plone (pip) May 17, 2022
OMERO-web Sensitive Data Exposure Moderate
CVE-2020-7932 was published for omero-web (pip) May 24, 2022
Apache Superset: Improper error handling on alerts Moderate
CVE-2024-27315 was published for apache-superset (pip) Feb 28, 2024
oscerd
jwcrypto lacks the Random Filling protection mechanism Moderate
CVE-2016-6298 was published for jwcrypto (pip) May 17, 2022
openstack-heat may disclose sensitive information Moderate
CVE-2024-7319 was published for openstack-heat (pip) Aug 2, 2024
Exposure of Sensitive Information to an Unauthorized Actor in httpie Moderate
CVE-2022-24737 was published for httpie (pip) Mar 7, 2022
Home Assistant vulnerable to account takeover via auth_callback login Moderate
CVE-2023-41893 was published for homeassistant (pip) Oct 26, 2023
FreeIPA logs passwords embedded in commands in calls using batch Moderate
CVE-2019-10195 was published for freeipa (pip) May 24, 2022
Exposure of Sensitive Information in EVE-SRP Moderate
CVE-2020-36660 was published for EVE-SRP (pip) Feb 6, 2023
Django Data leakage via admin history log Moderate
CVE-2013-0305 was published for Django (pip) May 5, 2022
Django data leakage via querystring manipulation in admin Moderate
CVE-2014-0483 was published for Django (pip) May 14, 2022
MarkLee131
Django settings leak in date template filter Moderate
CVE-2015-8213 was published for Django (pip) May 17, 2022
sunSUNQ
Apache Airflow vulnerable to Exposure of Sensitive Information to an Unauthorized Actor Moderate
CVE-2023-42781 was published for apache-airflow (pip) Nov 12, 2023
Apache Airflow information exposure vulnerability Moderate
CVE-2023-40712 was published for apache-airflow (pip) Sep 12, 2023
Apache Airflow vulnerable to Exposure of Sensitive Information Moderate
CVE-2023-46288 was published for apache-airflow (pip) Oct 23, 2023
Apache Airflow vulnerable to exposure of sensitive information Moderate
CVE-2023-35005 was published for apache-airflow (pip) Jun 19, 2023
Apache Airflow information disclosure vulnerability Moderate
CVE-2022-46651 was published for apache-airflow (pip) Jul 12, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database