GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,733
Composer 4,238
Erlang 31
GitHub Actions 21
Go 2,005
Maven 5,193
npm 3,716
NuGet 661
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,724

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

168 advisories

Filter by severity

Sort by

Least recently updated

Sensitive information could be displayed when a detailed technical error message is posted. This... Moderate Unreviewed

CVE-2021-35251 was published Mar 11, 2022

Missing filtering in an error message in GitLab CE/EE affecting all versions prior to 14.7.7, 14... Moderate Unreviewed

CVE-2022-1120 was published Apr 5, 2022

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5 and 6.1.0.0 through 6.1.1.0... Moderate Unreviewed

CVE-2021-39033 was published Apr 20, 2022

White Shark System (WSS) 1.3.2 has web site physical path leakage vulnerability. Moderate Unreviewed

CVE-2020-20470 was published May 24, 2022

An information disclosure vulnerability in ILIAS before 5.3.19, 5.4.12 and 6.0 allows remote... Moderate Unreviewed

CVE-2020-23995 was published May 24, 2022

Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is... Moderate Unreviewed

CVE-2022-26973 was published Jun 3, 2022

Dell PowerScale OneFS, 8.2.x through 9.3.0.x, contain an error message with sensitive information... Moderate Unreviewed

CVE-2022-31229 was published Jun 29, 2022

IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could... Moderate Unreviewed

CVE-2021-39018 was published Jul 15, 2022

An Information Disclosure vulnerability exists in dhcms 2017-09-18 when entering invalid... Moderate Unreviewed

CVE-2020-19275 was published May 24, 2022

IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 10.1.0 through 10.1.3, and... Moderate Unreviewed

CVE-2019-4484 was published May 24, 2022

IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 10.1.0 through 10.1.3, and... Moderate Unreviewed

CVE-2019-4485 was published May 24, 2022

Hitachi Energy LinkOne product, has a vulnerability due to a web server misconfiguration, that... Moderate Unreviewed

CVE-2021-40338 was published Jan 29, 2022

RSA BSAFE Micro Edition Suite versions prior to 4.1.6.3 (in 4.1.x) and prior to 4.4 (in 4.2.x and... Moderate Unreviewed

CVE-2019-3730 was published May 24, 2022

Server metadata could be exposed because one of the error messages reflected the whole response... Moderate Unreviewed

CVE-2019-12156 was published May 24, 2022

In affected versions of Octopus Deploy it is possible to reveal the Space ID of spaces that the... Moderate Unreviewed

CVE-2022-2760 was published Sep 29, 2022

Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed an... Moderate Unreviewed

CVE-2020-6438 was published May 24, 2022

IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to obtain sensitive information... Moderate Unreviewed

CVE-2019-4729 was published May 24, 2022

Using XMLHttpRequest, an attacker could have identified installed applications by probing error... Moderate Unreviewed

CVE-2021-43542 was published Dec 9, 2021

A vulnerability has been identified in Desigo Insight (All versions). Some error messages in the... Moderate Unreviewed

CVE-2020-15794 was published May 24, 2022

IBM Security Directory Server 6.4.0 generates an error message that includes sensitive... Moderate Unreviewed

CVE-2019-4547 was published May 24, 2022

IBM Security Key Lifecycle Manager 3.0.1 and 4.0 could allow a remote attacker to obtain... Moderate Unreviewed

CVE-2020-4846 was published May 24, 2022

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0 through 6.0.3.2,... Moderate Unreviewed

CVE-2020-4761 was published May 24, 2022

IBM Emptoris Contract Management and IBM Emptoris Spend Analysis 10.1.0, 10.1.1, and 10.1.3 could... Moderate Unreviewed

CVE-2020-4897 was published May 24, 2022

IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a... Moderate Unreviewed

CVE-2020-4487 was published May 24, 2022

IBM Security Secret Server 10.6 could allow a remote attacker to obtain sensitive information... Moderate Unreviewed

CVE-2020-4842 was published May 24, 2022

Previous 1 2 3 4 5 6 7 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

168 advisories