GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,731
Composer 4,237
Erlang 31
GitHub Actions 21
Go 2,004
Maven 5,193
npm 3,716
NuGet 661
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,685

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

225 advisories

Filter by severity

Sort by

Least recently updated

Brocade Fabric OS before Brocade Fabric OS v9.1.1c, v9.2.0 contains a vulnerability when using... Moderate Unreviewed

CVE-2023-31429 was published Aug 1, 2023

IBM TRIRIGA 3.0, 4.0, and 4.4 could allow a remote attacker to obtain sensitive information when... Moderate Unreviewed

CVE-2020-4868 was published Jul 31, 2023

Server information leak of configuration data when an error is generated in response to a... High Unreviewed

CVE-2023-25948 was published Jul 13, 2023

An information disclosure issue in GitLab CE/EE affecting all versions from 16.0 prior to 16.0.6,... Moderate Unreviewed

CVE-2023-3362 was published Jul 13, 2023

MISP 2.4.172 mishandles different certificate file extensions in server sync. An attacker can... High Unreviewed

CVE-2023-37306 was published Jun 30, 2023

In JetBrains Ktor before 2.3.1 headers containing authentication data could be added to the... Low Unreviewed

CVE-2023-34339 was published Jun 1, 2023

IBM MQ 8.0, 9.0, and 9.1 could allow a local user to obtain sensitive credential information when... Moderate Unreviewed

CVE-2023-28514 was published May 19, 2023

In affected versions of Octopus Deploy it is possible to discover network details via error message Moderate Unreviewed

CVE-2022-4870 was published May 18, 2023

IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 could disclose sensitive information in an error... Moderate Unreviewed

CVE-2023-27860 was published Apr 27, 2023

Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.0 and 9.3.0.2,... Moderate Unreviewed

CVE-2022-4770 was published Apr 3, 2023

Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.0 and 9.3.0.2,... Moderate Unreviewed

CVE-2022-4769 was published Apr 3, 2023

IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 could allow an... Moderate Unreviewed

CVE-2023-25687 was published Mar 21, 2023

IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.2.0 through 3.2.7... High Unreviewed

CVE-2020-5026 was published Mar 2, 2023

SonicWall Email Security contains a vulnerability that could permit a remote unauthenticated... Moderate Unreviewed

CVE-2023-0655 was published Feb 14, 2023

Wyse Management Suite Repository 3.8 and below contain an information disclosure vulnerability. A... Moderate Unreviewed

CVE-2022-46675 was published Feb 11, 2023

Alotcer - AR7088H-A firmware version 16.10.3 Information disclosure. Unspecified error message... Moderate Unreviewed

CVE-2022-46371 was published Jan 12, 2023

IBM Security Verify Governance, Identity Manager 10.01 could allow a remote attacker to obtain... Moderate Unreviewed

CVE-2022-22449 was published Dec 24, 2022

When importing resources using Web Workers, error messages would distinguish the difference... Moderate Unreviewed

CVE-2022-22760 was published Dec 22, 2022

Generation of Error Message Containing Sensitive Information vulnerability in Hitachi JP1... Low Unreviewed

CVE-2022-34881 was published Dec 6, 2022

The application allowed for Unauthenticated User Enumeration by interacting with an unsecured... Moderate Unreviewed

CVE-2022-40292 was published Nov 1, 2022

Stimulsoft (aka Stimulsoft Reports) 2013.1.1600.0, when Compilation Mode is used, allows an... Critical Unreviewed

CVE-2021-42777 was published Oct 29, 2022

In affected versions of Octopus Server it is possible to reveal the existence of resources in a... Moderate Unreviewed

CVE-2022-2508 was published Oct 27, 2022

Sensitive information could be displayed when a detailed technical error message is posted. This... Moderate Unreviewed

CVE-2022-38107 was published Oct 20, 2022

In affected versions of Octopus Deploy it is possible to reveal the Space ID of spaces that the... Moderate Unreviewed

CVE-2022-2760 was published Sep 29, 2022

Information Exposure Through an Error Message vulnerability in Hitachi RAID Manager Storage... Moderate Unreviewed

CVE-2022-34882 was published Sep 7, 2022

Previous 1 2 3 4 5 6 7 8 9 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

225 advisories