Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,350
Erlang
31
GitHub Actions
22
Go
2,119
Maven
5,000+
npm
3,770
NuGet
680
pip
3,459
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

12 advisories

Loading
pgAdmin has Incorrect Default Permissions High
CVE-2023-1907 was published for pgadmin4 (pip) Jan 9, 2025
The 404 Solution plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2024-11094 was published Nov 16, 2024
In version v0.3.8 of open-webui/open-webui, a vulnerability exists where a token is returned when... Moderate Unreviewed
CVE-2024-7049 was published Oct 10, 2024
A flaw was found in the gnome-remote-desktop package. The gnome-remote-desktop system daemon... High Unreviewed
CVE-2024-5148 was published Sep 2, 2024
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All... High Unreviewed
CVE-2024-41977 was published Aug 13, 2024
TYPO3 Security Misconfiguration in Frontend Session Handling High
GHSA-82vp-jr39-4j2j was published for typo3/cms-core (Composer) May 30, 2024
This vulnerability potentially allows unauthorized enumeration of information from the embedded... Moderate Unreviewed
CVE-2024-1223 was published Mar 14, 2024
Deno's Node.js Compatibility Runtime has Cross-Session Data Contamination High
CVE-2024-27935 was published for deno (Rust) Mar 5, 2024
mmastrac
In the Bentley ALIM Web application, certain configuration settings can cause exposure of a user... Critical Unreviewed
CVE-2024-27455 was published Feb 26, 2024
Exposure of Data Element to Wrong Session vulnerability in Mia Technology Inc. MİA-MED allows... High Unreviewed
CVE-2023-6519 was published Feb 8, 2024
Exposure of data element to wrong session in the Intel DCM software before version 5.0.1 may... High Unreviewed
CVE-2022-40210 was published May 10, 2023
Keycloak vulnerable to session takeover with OIDC offline refreshtokens Moderate
CVE-2022-3916 was published for org.keycloak:keycloak-parent (Maven) Dec 13, 2022
Flintholm
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database