GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
102 advisories
BBOT's gitlab.py exposes globally configured "gitlab" API key
Moderate
CVE-2025-10282
was published
for
bbot
(pip)
Oct 27, 2025
BBOT's git_clone.py can expose users' GitHub API keys to an attacker-controlled webserver
Moderate
CVE-2025-10281
was published
for
bbot
(pip)
Oct 9, 2025
Indico vulnerability allows attackers to bulk dump user details
Moderate
CVE-2025-53640
was published
for
indico
(pip)
Jul 14, 2025
urllib3's request body not stripped after redirect from 303 status changes request method to GET
Moderate
CVE-2023-45803
was published
for
urllib3
(pip)
Oct 17, 2023
Gradio has several components with post-process steps allow arbitrary file leaks
Moderate
CVE-2024-47868
was published
for
gradio
(pip)
Oct 10, 2024
Clear Text Credentials Exposed via Onboarding Task
Moderate
CVE-2023-48700
was published
for
nautobot-device-onboarding
(pip)
Nov 21, 2023
Comment reply notifications sent to incorrect users
Moderate
CVE-2022-21683
was published
for
wagtail
(pip)
Jan 21, 2022
ProTip!
Advisories are also available from the
GraphQL API