GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,939
Maven
5,000+
npm
3,677
NuGet
643
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
101 advisories
Filter by severity
Plone vulnerable to unauthorized disclosure of site content
Moderate
CVE-2016-4042
was published
for
Plone
(pip)
May 17, 2022
Plone is vulnerable to File System Path Exposure
Moderate
CVE-2013-4194
was published
for
plone
(pip)
May 17, 2022
Plone Filesystem path information leak
Moderate
CVE-2013-7060
was published
for
Products.CMFPlone
(pip)
May 17, 2022
Plone is vulnerable to Information Exposure when generating zip archives
Moderate
CVE-2013-4191
was published
for
plone
(pip)
May 17, 2022
Exposure of Sensitive Information in Plone
Moderate
CVE-2012-5508
was published
for
Plone
(pip)
May 17, 2022
Plone User account enumeration via crafted URL
Moderate
CVE-2012-5497
was published
for
plone
(pip)
May 17, 2022
Gradio has several components with post-process steps allow arbitrary file leaks
Moderate
CVE-2024-47868
was published
for
gradio
(pip)
Oct 10, 2024
OMERO-web Sensitive Data Exposure
Moderate
CVE-2020-7932
was published
for
omero-web
(pip)
May 24, 2022
Apache Superset: Improper error handling on alerts
Moderate
CVE-2024-27315
was published
for
apache-superset
(pip)
Feb 28, 2024
jwcrypto lacks the Random Filling protection mechanism
Moderate
CVE-2016-6298
was published
for
jwcrypto
(pip)
May 17, 2022
openstack-heat may disclose sensitive information
Moderate
CVE-2024-7319
was published
for
openstack-heat
(pip)
Aug 2, 2024
Exposure of Sensitive Information to an Unauthorized Actor in httpie
Moderate
CVE-2022-24737
was published
for
httpie
(pip)
Mar 7, 2022
Home Assistant vulnerable to account takeover via auth_callback login
Moderate
CVE-2023-41893
was published
for
homeassistant
(pip)
Oct 26, 2023
FreeIPA logs passwords embedded in commands in calls using batch
Moderate
CVE-2019-10195
was published
for
freeipa
(pip)
May 24, 2022
Exposure of Sensitive Information in EVE-SRP
Moderate
CVE-2020-36660
was published
for
EVE-SRP
(pip)
Feb 6, 2023
Django Data leakage via admin history log
Moderate
CVE-2013-0305
was published
for
Django
(pip)
May 5, 2022
Django data leakage via querystring manipulation in admin
Moderate
CVE-2014-0483
was published
for
Django
(pip)
May 14, 2022
Django settings leak in date template filter
Moderate
CVE-2015-8213
was published
for
Django
(pip)
May 17, 2022
Apache Airflow vulnerable to Exposure of Sensitive Information to an Unauthorized Actor
Moderate
CVE-2023-42781
was published
for
apache-airflow
(pip)
Nov 12, 2023
Apache Airflow information exposure vulnerability
Moderate
CVE-2023-40712
was published
for
apache-airflow
(pip)
Sep 12, 2023
Apache Airflow vulnerable to Exposure of Sensitive Information
Moderate
CVE-2023-46288
was published
for
apache-airflow
(pip)
Oct 23, 2023
Apache Airflow vulnerable to exposure of sensitive information
Moderate
CVE-2023-35005
was published
for
apache-airflow
(pip)
Jun 19, 2023
Apache Airflow information disclosure vulnerability
Moderate
CVE-2022-46651
was published
for
apache-airflow
(pip)
Jul 12, 2023
ProTip!
Advisories are also available from the
GraphQL API