Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
643
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

178 advisories

Loading
Plone vulnerable to unauthorized disclosure of site content Moderate
CVE-2016-4042 was published for Plone (pip) May 17, 2022
Plone is vulnerable to File System Path Exposure Moderate
CVE-2013-4194 was published for plone (pip) May 17, 2022
python-keystoneclient unsecure user password update Low
CVE-2013-2013 was published for python-keystoneclient (pip) May 17, 2022
open-webui allows enumeration of file names and traversal of directories by observing the error messages Low
CVE-2024-7038 was published for open-webui (pip) Oct 9, 2024
Plone Filesystem path information leak Moderate
CVE-2013-7060 was published for Products.CMFPlone (pip) May 17, 2022
Plone is vulnerable to Information Exposure when generating zip archives Moderate
CVE-2013-4191 was published for plone (pip) May 17, 2022
Exposure of Sensitive Information in Plone Moderate
CVE-2012-5508 was published for Plone (pip) May 17, 2022
Plone User account enumeration via crafted URL Moderate
CVE-2012-5497 was published for plone (pip) May 17, 2022
tdunlap607
Plone Information Disclosure High
CVE-2012-5505 was published for Plone (pip) May 17, 2022
Plone Information Disclosure Moderate
CVE-2012-5491 was published for Plone (pip) May 17, 2022
Gradio has several components with post-process steps allow arbitrary file leaks Moderate
CVE-2024-47868 was published for gradio (pip) Oct 10, 2024
ahpaleus Vasco-jofra
Plone Metadata Disclosure Moderate
CVE-2012-5492 was published for Plone (pip) May 17, 2022
Paramiko Unsafe randomness usage may allow access to sensitive information High
CVE-2008-0299 was published for paramiko (pip) May 1, 2022
OMERO.web exposes some unnecessary session information in the page High
CVE-2021-21376 was published for omero-web (pip) Mar 23, 2021
OMERO-web Sensitive Data Exposure Moderate
CVE-2020-7932 was published for omero-web (pip) May 24, 2022
OpenStack Nova Server Resource Faults Leak External Exception Details High
CVE-2019-14433 was published for nova (pip) May 24, 2022
Nautobot vulnerable to exposure of hashed user passwords via REST API High
CVE-2023-46128 was published for nautobot (pip) Oct 24, 2023
Apache Superset: Improper error handling on alerts Moderate
CVE-2024-27315 was published for apache-superset (pip) Feb 28, 2024
oscerd
MoinMoin Exposure of Sensitive Disclosure when GATEWAY_INTERFACE variable is set High
CVE-2010-0667 was published for moin (pip) May 2, 2022
anonymous4ACL24
RestrictedPython information leakage via `AttributeError.obj` and the `string` module High
CVE-2024-47532 was published for RestrictedPython (pip) Sep 30, 2024
Quasar0147 dronex7070
d-maurer dataflake icemac
Temporary File Information Disclosure vulnerability in MPXJ Low
CVE-2022-41954 was published for mpxj (Maven) Nov 28, 2022
JLLeitschuh jkmartindale
openstack-mistral Discloses the presence of arbitrary files within the filesystem High
CVE-2018-16849 was published for mistral (pip) May 13, 2022
RhodeCode and Kallithea are vulnerable to sensitive information disclosure High
CVE-2015-0260 was published for Kallithea (pip) May 13, 2022
jwcrypto lacks the Random Filling protection mechanism Moderate
CVE-2016-6298 was published for jwcrypto (pip) May 17, 2022
Synapse does not apply enough checks to servers requesting auth events of events in a room High
CVE-2022-39335 was published for matrix-synapse (pip) May 24, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database