GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
214 advisories
Filter by severity
IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 could allow a remote attacker...
Moderate
Unreviewed
CVE-2020-4483
was published
May 24, 2022
IBM Security Directory Server 6.4.0 generates an error message that includes sensitive...
Moderate
Unreviewed
CVE-2019-4547
was published
May 24, 2022
A vulnerability has been identified in Desigo Insight (All versions). Some error messages in the...
Moderate
Unreviewed
CVE-2020-15794
was published
May 24, 2022
Inappropriate implementation in accessibility in Google Chrome prior to 74.0.3729.108 allowed a...
Moderate
Unreviewed
CVE-2020-6503
was published
May 24, 2022
IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to obtain sensitive information...
Moderate
Unreviewed
CVE-2019-4729
was published
May 24, 2022
Diavante vue-storefront-api and storefront-api disclose stack trace
Moderate
CVE-2020-11883
was published
for
storefront-api
(npm)
May 24, 2022
Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed an...
Moderate
Unreviewed
CVE-2020-6438
was published
May 24, 2022
An issue was discovered in SmartClient 12.0. If an unauthenticated attacker makes a POST request...
Moderate
Unreviewed
CVE-2020-9351
was published
May 24, 2022
A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2 and 3.5.x before 3.5.4, when ...
Moderate
Unreviewed
CVE-2019-19342
was published
May 24, 2022
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and Liberty could allow a remote attacker to...
Moderate
Unreviewed
CVE-2019-4441
was published
May 24, 2022
Server metadata could be exposed because one of the error messages reflected the whole response...
Moderate
Unreviewed
CVE-2019-12156
was published
May 24, 2022
RSA BSAFE Micro Edition Suite versions prior to 4.1.6.3 (in 4.1.x) and prior to 4.4 (in 4.2.x and...
Moderate
Unreviewed
CVE-2019-3730
was published
May 24, 2022
Leakage of stack traces in remote access to backup & restore in earlier versions than ProSyst mBS...
Moderate
Unreviewed
CVE-2019-11602
was published
May 24, 2022
IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 10.1.0 through 10.1.3, and...
Moderate
Unreviewed
CVE-2019-4485
was published
May 24, 2022
IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 10.1.0 through 10.1.3, and...
Moderate
Unreviewed
CVE-2019-4484
was published
May 24, 2022
IBM Intelligent Operations Center V5.1.0 through V5.2.0 could disclose detailed error messages,...
Moderate
Unreviewed
CVE-2019-4420
was published
May 24, 2022
IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 10.1.0 through 10.1.3, and...
Moderate
Unreviewed
CVE-2019-4308
was published
May 24, 2022
IBM Spectrum Protect Operations Center 7.1 and 8.1 could allow a remote attacker to obtain...
Moderate
Unreviewed
CVE-2019-4129
was published
May 24, 2022
Pydio Cells before 1.5.0, when supplied with a Name field in an unexpected Unicode format, fails...
Moderate
Unreviewed
CVE-2019-12903
was published
May 24, 2022
IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 generates an error message that...
Moderate
Unreviewed
CVE-2019-4219
was published
May 24, 2022
IBM InfoSphere Information Server 11.5 and 11.7 is affected by an information disclosure...
Moderate
Unreviewed
CVE-2019-4257
was published
May 24, 2022
** DISPUTED ** A full path disclosure vulnerability was discovered in Matomo v3.9.1 where a user...
Moderate
Unreviewed
CVE-2019-12215
was published
May 24, 2022
PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x...
Moderate
Unreviewed
CVE-2014-8161
was published
May 17, 2022
Weblate user account enumeration via reset password form
Moderate
CVE-2017-5537
was published
for
weblate
(pip)
May 17, 2022
In SAP HANA Extended Application Services, 1.0, an unauthenticated user could test if a given...
Moderate
Unreviewed
CVE-2018-2379
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API