Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,080
Erlang
29
GitHub Actions
19
Go
1,908
Maven
5,000+
npm
3,641
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

8,926 advisories

Loading
Nomad Search API Leaks Information About CSI Plugins Moderate
CVE-2023-3300 was published for github.com/hashicorp/nomad (Go) Jul 20, 2023
anonymous4ACL24
Nomad ACL Policies without Label are Applied to Unexpected Resources Moderate
CVE-2023-3072 was published for github.com/hashicorp/nomad (Go) Jul 20, 2023
anonymous4ACL24
Apache Submarine Commons Utils has a hard-coded secret Moderate
CVE-2024-36264 was published for apache-submarine (Maven) Jun 12, 2024
Layui has DOM Clobbering gadgets that leads to Cross-site Scripting Moderate
CVE-2024-47075 was published for layui (npm) Sep 26, 2024
jackfromeast ishmeals
Ory Kratos's setting required_aal `highest_available` does not properly respect code + mfa credentials Moderate
CVE-2024-45042 was published for github.com/ory/kratos (Go) Sep 26, 2024
IDOR vulnerability in account profile page Moderate
CVE-2024-39319 was published for aimeos/ai-controller-frontend (Composer) Sep 26, 2024
ssshah2131
HashiCorp Vault Improper Input Validation vulnerability Moderate
CVE-2023-4680 was published for github.com/hashicorp/vault (Go) Sep 15, 2023
Denial of service in rocket chat message parser Moderate
CVE-2024-46935 was published for @rocket.chat/message-parser (npm) Sep 25, 2024
HashiCorpVault does not correctly validate OCSP responses Moderate
CVE-2024-2660 was published for github.com/hashicorp/vault (Go) Apr 4, 2024
MoinMoin Cross-site Scripting (XSS) vulnerability Moderate
CVE-2010-0828 was published for moin (pip) May 2, 2022
MoinMoin Cross-site Scripting (XSS) vulnerability Moderate
CVE-2011-1058 was published for moin (pip) May 17, 2022
MoinMoin has multiple vulnerabilities related to superuser list, xmlrpc and OpenID configuration Moderate
CVE-2010-0668 was published for moin (pip) May 2, 2022
MoinMoin Cross-site Scripting (XSS) vulnerability Moderate
CVE-2016-9119 was published for moin (pip) May 17, 2022
Improper Neutralization of Input During Web Page Generation in Jupyter Notebook Moderate
CVE-2019-9644 was published for jupyter-notebook (pip) May 14, 2022
MoinMoin Multiple unrestricted file upload vulnerabilities Moderate
CVE-2012-6081 was published for moin (pip) May 17, 2022
MoinMoin Improper Access Control Moderate
CVE-2012-4404 was published for moin (pip) May 17, 2022
MoinMoin Cross-site scripting (XSS) vulnerability Moderate
CVE-2012-6082 was published for moin (pip) May 17, 2022
MoinMoin Multiple vulnerable to directory traversal Moderate
CVE-2012-6495 was published for Moin (pip) May 17, 2022
MoinMoin Directory Traversal vulnerability Moderate
CVE-2012-6080 was published for moin (pip) May 17, 2022
MoinMoin cross-site scripting (XSS) vulnerability Moderate
CVE-2010-2969 was published for moin (pip) May 17, 2022
MoinMoin Cross-site Scripting (XSS) vulnerability Moderate
CVE-2010-2487 was published for moin (pip) May 17, 2022
NFStream Local Denial of Service (DoS) Moderate
CVE-2020-25340 was published for nfstream (pip) May 24, 2022
NumPy Buffer Overflow (Disputed) Moderate
CVE-2021-33430 was published for numpy (pip) Jan 7, 2022
Jupyter Notebook open redirect vulnerability Moderate
CVE-2019-10856 was published for notebook (pip) Apr 9, 2019
mycli has Inadequate Encryption Strength Moderate
CVE-2023-44690 was published for mycli (pip) Oct 20, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database