Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,856
Erlang
36
GitHub Actions
36
Go
2,488
Maven
5,000+
npm
4,104
NuGet
735
pip
3,923
Pub
12
RubyGems
945
Rust
1,017
Swift
39
Unreviewed advisories
All unreviewed
5,000+

21 advisories

Loading
Better Call routing bug can lead to Cache Deception Moderate
GHSA-hq75-xg7r-rx6c was published for better-call (npm) Jul 11, 2025
mwlik
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0... Moderate Unreviewed
CVE-2025-1348 was published Jun 18, 2025
NextJS-Auth0 SDK Vulnerable to CDN Caching of Session Cookies High
CVE-2025-48947 was published for @auth0/nextjs-auth0 (npm) Jun 4, 2025
IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0... Moderate Unreviewed
CVE-2025-1334 was published Jun 3, 2025
Information Exposure vulnerability in Hitachi JP1/IT Desktop Management 2 - Smart Device Manager... Low Unreviewed
CVE-2025-27525 was published May 15, 2025
IBM Sterling Control Center 6.2.1, 6.3.1, and 6.4.0 allows web pages to be stored locally which... Moderate Unreviewed
CVE-2023-43035 was published Apr 10, 2025
IBM Automation Decision Services 23.0.2 allows web pages to be stored locally which can be read... Moderate Unreviewed
CVE-2024-31906 was published Jan 26, 2025
IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0. 25 allows web pages to be... Moderate Unreviewed
CVE-2024-22349 was published Jan 20, 2025
Flask-AppBuilder's login form allows browser to cache sensitive fields Moderate
CVE-2024-45314 was published for flask-appbuilder (pip) Sep 4, 2024
HCL Nomad server on Domino is vulnerable to the cache containing sensitive information which... Low Unreviewed
CVE-2024-30130 was published Jul 19, 2024
IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM QRadar Software Suite 1.10... Moderate Unreviewed
CVE-2022-38383 was published Jun 29, 2024
Apache Airflow does not return the "Cache-Control" header for dynamic content Low
CVE-2024-25142 was published for apache-airflow (pip) Jun 14, 2024
IBM Maximo Asset Management 7.6.1.3 and IBM Maximo Application Suite 8.10 and 8.11 allows web... Moderate Unreviewed
CVE-2024-22333 was published Jun 13, 2024
IBM TXSeries for Multiplatforms 8.2 allows web pages to be stored locally which can be read by... Moderate Unreviewed
CVE-2024-22343 was published May 14, 2024
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 allows web pages to be stored locally which can be read... Moderate Unreviewed
CVE-2023-46181 was published Mar 15, 2024
IBM Watson CloudPak for Data Data Stores information disclosure 4.6.0 allows web pages to be... Moderate Unreviewed
CVE-2023-27545 was published Feb 29, 2024
A flaw was found In 3Scale Admin Portal. If a user logs out from the personal tokens page and... Moderate Unreviewed
CVE-2023-4910 was published Nov 6, 2023
IBM ICP4A - Automation Decision Services 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1,... Low Unreviewed
CVE-2023-23469 was published Feb 1, 2023
A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23... Moderate Unreviewed
CVE-2021-42015 was published May 24, 2022
Rack-Cache caches sensitive headers Moderate
CVE-2012-2671 was published for rack-cache (RubyGems) May 17, 2022
Cache Manipulation Attack in Apache Traffic Control Moderate
CVE-2020-17522 was published for github.com/apache/trafficcontrol (Go) Jun 18, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database