Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,814
Erlang
36
GitHub Actions
32
Go
2,399
Maven
5,000+
npm
4,040
NuGet
722
pip
3,829
Pub
12
RubyGems
932
Rust
1,002
Swift
38
Unreviewed advisories
All unreviewed
5,000+

19 advisories

Loading
A binary in the BoKS Server Agent component of Fortra's Core Privileged Access Manager (BoKS) on... Moderate Unreviewed
CVE-2025-5141 was published Jun 17, 2025
An insufficient implementation of cache vulnerability in Palo Alto Networks Prisma® Access... Moderate Unreviewed
CVE-2025-4233 was published Jun 13, 2025
Missing "no cache" headers in HCL Leap permits sensitive data to be cached. Low Unreviewed
CVE-2023-37517 was published May 1, 2025
Missing "no cache" headers in HCL Leap permits sensitive data to be cached. Low Unreviewed
CVE-2024-30127 was published Apr 24, 2025
Missing "no cache" headers in HCL Leap permits user directory information to be cached. Low Unreviewed
CVE-2023-37516 was published Apr 24, 2025
The Rapid Cache plugin for WordPress is vulnerable to Cache Poisoning in all versions up to, and... High Unreviewed
CVE-2024-12314 was published Feb 18, 2025
JetBrains Ktor information disclosure Moderate
CVE-2024-49580 was published for io.ktor:ktor-client-core-jvm (Maven) Oct 17, 2024
AlexeyTsvetkov
Session is cached for OpenID and OAuth2 if `redirect` is not used High
CVE-2024-45596 was published for @directus/api (npm) Sep 10, 2024
joselcvarela
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ... Moderate Unreviewed
CVE-2024-41906 was published Aug 13, 2024
SAP Business Objects Business Intelligence Platform is vulnerable to Insecure Storage as dynamic... Moderate Unreviewed
CVE-2024-33004 was published May 14, 2024
CoreDNS may return invalid cache entries Moderate
CVE-2024-0874 was published for github.com/coredns/coredns (Go) Apr 25, 2024
Shopware's session is persistent in Cache for 404 pages Critical
CVE-2024-27917 was published for shopware/platform (Composer) Mar 6, 2024
Sametime is impacted by sensitive fields with autocomplete enabled in the Legacy web chat client.... Moderate Unreviewed
CVE-2023-45696 was published Feb 10, 2024
Under certain conditions SAP Commerce (OCC API) - versions HY_COM 2105, HY_COM 2205, COM_CLOUD... High Unreviewed
CVE-2023-37486 was published Aug 8, 2023
An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37... Moderate Unreviewed
CVE-2021-44854 was published Dec 26, 2022
Batched HTTP requests may set incorrect `cache-control` response header Moderate
GHSA-8r69-3cvp-wxc3 was published for @apollo/server (npm) Nov 2, 2022
The issue was addressed with improved handling of caches. This issue is fixed in iOS 16. An app... Moderate Unreviewed
CVE-2022-32909 was published Nov 2, 2022
rdiffweb vulnerable to Use of Cache Containing Sensitive Information Moderate
CVE-2022-3292 was published for rdiffweb (pip) Sep 29, 2022
Kubernetes Unsafe Cacheing Moderate
CVE-2019-11244 was published for k8s.io/client-go (Go) Feb 15, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database