GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,080
Erlang
29
GitHub Actions
19
Go
1,908
Maven
5,000+
npm
3,641
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
8,926 advisories
Filter by severity
Nomad Search API Leaks Information About CSI Plugins
Moderate
CVE-2023-3300
was published
for
github.com/hashicorp/nomad
(Go)
Jul 20, 2023
Nomad ACL Policies without Label are Applied to Unexpected Resources
Moderate
CVE-2023-3072
was published
for
github.com/hashicorp/nomad
(Go)
Jul 20, 2023
Apache Submarine Commons Utils has a hard-coded secret
Moderate
CVE-2024-36264
was published
for
apache-submarine
(Maven)
Jun 12, 2024
Layui has DOM Clobbering gadgets that leads to Cross-site Scripting
Moderate
CVE-2024-47075
was published
for
layui
(npm)
Sep 26, 2024
Ory Kratos's setting required_aal `highest_available` does not properly respect code + mfa credentials
Moderate
CVE-2024-45042
was published
for
github.com/ory/kratos
(Go)
Sep 26, 2024
IDOR vulnerability in account profile page
Moderate
CVE-2024-39319
was published
for
aimeos/ai-controller-frontend
(Composer)
Sep 26, 2024
HashiCorp Vault Improper Input Validation vulnerability
Moderate
CVE-2023-4680
was published
for
github.com/hashicorp/vault
(Go)
Sep 15, 2023
Denial of service in rocket chat message parser
Moderate
CVE-2024-46935
was published
for
@rocket.chat/message-parser
(npm)
Sep 25, 2024
HashiCorpVault does not correctly validate OCSP responses
Moderate
CVE-2024-2660
was published
for
github.com/hashicorp/vault
(Go)
Apr 4, 2024
MoinMoin Cross-site Scripting (XSS) vulnerability
Moderate
CVE-2010-0828
was published
for
moin
(pip)
May 2, 2022
MoinMoin Cross-site Scripting (XSS) vulnerability
Moderate
CVE-2011-1058
was published
for
moin
(pip)
May 17, 2022
MoinMoin has multiple vulnerabilities related to superuser list, xmlrpc and OpenID configuration
Moderate
CVE-2010-0668
was published
for
moin
(pip)
May 2, 2022
MoinMoin Cross-site Scripting (XSS) vulnerability
Moderate
CVE-2016-9119
was published
for
moin
(pip)
May 17, 2022
Improper Neutralization of Input During Web Page Generation in Jupyter Notebook
Moderate
CVE-2019-9644
was published
for
jupyter-notebook
(pip)
May 14, 2022
MoinMoin Multiple unrestricted file upload vulnerabilities
Moderate
CVE-2012-6081
was published
for
moin
(pip)
May 17, 2022
MoinMoin Cross-site scripting (XSS) vulnerability
Moderate
CVE-2012-6082
was published
for
moin
(pip)
May 17, 2022
MoinMoin Multiple vulnerable to directory traversal
Moderate
CVE-2012-6495
was published
for
Moin
(pip)
May 17, 2022
MoinMoin Directory Traversal vulnerability
Moderate
CVE-2012-6080
was published
for
moin
(pip)
May 17, 2022
MoinMoin cross-site scripting (XSS) vulnerability
Moderate
CVE-2010-2969
was published
for
moin
(pip)
May 17, 2022
MoinMoin Cross-site Scripting (XSS) vulnerability
Moderate
CVE-2010-2487
was published
for
moin
(pip)
May 17, 2022
NFStream Local Denial of Service (DoS)
Moderate
CVE-2020-25340
was published
for
nfstream
(pip)
May 24, 2022
Jupyter Notebook open redirect vulnerability
Moderate
CVE-2019-10856
was published
for
notebook
(pip)
Apr 9, 2019
mycli has Inadequate Encryption Strength
Moderate
CVE-2023-44690
was published
for
mycli
(pip)
Oct 20, 2023
ProTip!
Advisories are also available from the
GraphQL API