GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
104 advisories
Ansible Community General Collection is vulnerable to exposure of sensitive information
Moderate
CVE-2025-14010
was published
for
ansible
(pip)
Dec 4, 2025
urllib3's request body not stripped after redirect from 303 status changes request method to GET
Moderate
CVE-2023-45803
was published
for
urllib3
(pip)
Oct 17, 2023
BBOT's gitlab.py exposes globally configured "gitlab" API key
Moderate
CVE-2025-10282
was published
for
bbot
(pip)
Oct 27, 2025
BBOT's git_clone.py can expose users' GitHub API keys to an attacker-controlled webserver
Moderate
CVE-2025-10281
was published
for
bbot
(pip)
Oct 9, 2025
Indico vulnerability allows attackers to bulk dump user details
Moderate
CVE-2025-53640
was published
for
indico
(pip)
Jul 14, 2025
Gradio has several components with post-process steps allow arbitrary file leaks
Moderate
CVE-2024-47868
was published
for
gradio
(pip)
Oct 10, 2024
Clear Text Credentials Exposed via Onboarding Task
Moderate
CVE-2023-48700
was published
for
nautobot-device-onboarding
(pip)
Nov 21, 2023
ProTip!
Advisories are also available from the
GraphQL API