Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,963
Erlang
39
GitHub Actions
38
Go
2,615
Maven
5,000+
npm
4,255
NuGet
760
pip
4,036
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+

20 advisories

Loading
Apache Airflow: Connection sensitive details exposed to users with READ permissions Moderate
CVE-2025-54831 was published for apache-airflow (pip) Sep 26, 2025
IBM Concert Software 1.0.0 through 1.1.0 is vulnerable to excessive data exposure, allowing... Low Unreviewed
CVE-2024-49827 was published Aug 18, 2025
An issue has been discovered in GitLab EE affecting all versions from 17.0 before 18.0.5, 18.1... Moderate Unreviewed
CVE-2025-4976 was published Jul 25, 2025
Permission policy information leakage in Backstage permission system Moderate
CVE-2025-32791 was published for @backstage/plugin-permission-backend (npm) Apr 16, 2025
The Dario Health Internet-based server infrastructure is vulnerable due to exposure of... Moderate Unreviewed
CVE-2025-24316 was published Feb 28, 2025
IBM Concert 1.0.0, 1.0.1, and 1.0.2 is vulnerable to sensitive information disclosure through... Moderate Unreviewed
CVE-2024-49354 was published Jan 18, 2025
An issue was discovered in GitLab CE/EE affecting all versions before 17.6.0 in which users were... Low Unreviewed
CVE-2023-5117 was published Dec 25, 2024
An issue has been discovered in GitLab EE/CE affecting all versions starting from 8.0 before 16.4... Moderate Unreviewed
CVE-2023-3441 was published Oct 1, 2024
Under certain conditions Statutory Reports in SAP S/4 HANA allows an attacker with basic... Moderate Unreviewed
CVE-2024-44121 was published Sep 10, 2024
Exposure of Sensitive Information vulnerability in Naukowa i Akademicka Sieć Komputerowa -... High Unreviewed
CVE-2024-7267 was published Aug 7, 2024
Exposure of Sensitive Information Due to Incompatible Policies vulnerability in Mia Technology... High Unreviewed
CVE-2023-6517 was published Feb 8, 2024
Datasette 1.0 alpha series leaks names of databases and tables to unauthenticated users Moderate
CVE-2023-40570 was published for datasette (pip) Aug 22, 2023
In SAP Enable Now - versions WPB_MANAGER 1.0, WPB_MANAGER_CE 10, WPB_MANAGER_HANA 10,... Moderate Unreviewed
CVE-2023-36919 was published Jul 11, 2023
A vulnerability has been identified in SIMOTION C240 (All versions >= V5.4 < V5.5 SP1), SIMOTION... Moderate Unreviewed
CVE-2023-27465 was published Jun 13, 2023
Avanquest Software RAD PDF (PDFEscape Online) 3.19.2.2 is vulnerable to Information Leak /... High Unreviewed
CVE-2022-30350 was published Mar 30, 2023
Univention Corporate Server univention-directory-notifier 12.0.1-3 and earlier is affected by:... Moderate Unreviewed
CVE-2019-1010283 was published May 24, 2022
SAP BusinessObjects Business Intelligence Platform - versions 420, 430, may allow legitimate... Moderate Unreviewed
CVE-2022-22541 was published Apr 13, 2022
Sensitive Information Exposure in Sylius Moderate
CVE-2022-24742 was published for sylius/sylius (Composer) Mar 14, 2022
Information Exposure vulnerability in Eclipse Jetty Moderate
CVE-2019-10246 was published for org.eclipse.jetty:jetty-server (Maven) Apr 23, 2019
Installation information leak in Eclipse Jetty Moderate
CVE-2019-10247 was published for org.eclipse.jetty:jetty-server (Maven) Apr 23, 2019
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database