GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,018
Composer 4,300
Erlang 31
GitHub Actions 21
Go 2,069
Maven 5,241
npm 3,744
NuGet 668
pip 3,429
Pub 12
RubyGems 892
Rust 880
Swift 36

Unreviewed advisories

All unreviewed 240,352

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

321 advisories

Filter by severity

Sort by

Least recently updated

IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could... Moderate Unreviewed

CVE-2021-39018 was published Jul 15, 2022

An Information Disclosure vulnerability exists in dhcms 2017-09-18 when entering invalid... Moderate Unreviewed

CVE-2020-19275 was published May 24, 2022

JSPUI's "Internal System Error" page prints exceptions and stack traces without sanitization Moderate

CVE-2022-31189 was published for org.dspace:dspace-jspui (Maven) Aug 6, 2022

Incorrect implementation of lockout feature in Keycloak High

CVE-2021-3513 was published for org.keycloak:keycloak-parent (Maven) Aug 23, 2022

IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 10.1.0 through 10.1.3, and... Moderate Unreviewed

CVE-2019-4484 was published May 24, 2022

IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 10.1.0 through 10.1.3, and... Moderate Unreviewed

CVE-2019-4485 was published May 24, 2022

Hitachi Energy LinkOne product, has a vulnerability due to a web server misconfiguration, that... Moderate Unreviewed

CVE-2021-40338 was published Jan 29, 2022

In the Android kernel in the video driver there is a kernel pointer leak due to a WARN_ON... Low Unreviewed

CVE-2019-9455 was published May 24, 2022

RSA BSAFE Micro Edition Suite versions prior to 4.1.6.3 (in 4.1.x) and prior to 4.4 (in 4.2.x and... Moderate Unreviewed

CVE-2019-3730 was published May 24, 2022

Server metadata could be exposed because one of the error messages reflected the whole response... Moderate Unreviewed

CVE-2019-12156 was published May 24, 2022

In affected versions of Octopus Deploy it is possible to reveal the Space ID of spaces that the... Moderate Unreviewed

CVE-2022-2760 was published Sep 29, 2022

Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed an... Moderate Unreviewed

CVE-2020-6438 was published May 24, 2022

IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to obtain sensitive information... Moderate Unreviewed

CVE-2019-4729 was published May 24, 2022

Using XMLHttpRequest, an attacker could have identified installed applications by probing error... Moderate Unreviewed

CVE-2021-43542 was published Dec 9, 2021

A vulnerability has been identified in Desigo Insight (All versions). Some error messages in the... Moderate Unreviewed

CVE-2020-15794 was published May 24, 2022

IBM Security Directory Server 6.4.0 generates an error message that includes sensitive... Moderate Unreviewed

CVE-2019-4547 was published May 24, 2022

PackageKit provided detailed error messages to unprivileged callers that exposed information... Low Unreviewed

CVE-2020-16121 was published May 24, 2022

IBM Security Key Lifecycle Manager 3.0.1 and 4.0 could allow a remote attacker to obtain... Moderate Unreviewed

CVE-2020-4846 was published May 24, 2022

The aptdaemon DBus interface disclosed file existence disclosure by setting Terminal... Low Unreviewed

CVE-2020-16128 was published May 24, 2022

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0 through 6.0.3.2,... Moderate Unreviewed

CVE-2020-4761 was published May 24, 2022

IBM Emptoris Contract Management and IBM Emptoris Spend Analysis 10.1.0, 10.1.1, and 10.1.3 could... Moderate Unreviewed

CVE-2020-4897 was published May 24, 2022

IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a... Moderate Unreviewed

CVE-2020-4487 was published May 24, 2022

If exploited, this vulnerability could allow attackers to gain sensitive information via... Low Unreviewed

CVE-2020-2505 was published May 24, 2022

IBM Security Secret Server 10.6 could allow a remote attacker to obtain sensitive information... Moderate Unreviewed

CVE-2020-4842 was published May 24, 2022

IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 could allow a remote attacker... Moderate Unreviewed

CVE-2020-4483 was published May 24, 2022

Previous 1 2 3 4 5 … 12 13 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

321 advisories