GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
174 advisories
Filter by severity
Sensitive information could be displayed when a detailed technical error message is posted. This...
Moderate
Unreviewed
CVE-2021-35251
was published
Mar 11, 2022
Missing filtering in an error message in GitLab CE/EE affecting all versions prior to 14.7.7, 14...
Moderate
Unreviewed
CVE-2022-1120
was published
Apr 5, 2022
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5 and 6.1.0.0 through 6.1.1.0...
Moderate
Unreviewed
CVE-2021-39033
was published
Apr 20, 2022
White Shark System (WSS) 1.3.2 has web site physical path leakage vulnerability.
Moderate
Unreviewed
CVE-2020-20470
was published
May 24, 2022
An information disclosure vulnerability in ILIAS before 5.3.19, 5.4.12 and 6.0 allows remote...
Moderate
Unreviewed
CVE-2020-23995
was published
May 24, 2022
Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is...
Moderate
Unreviewed
CVE-2022-26973
was published
Jun 3, 2022
Dell PowerScale OneFS, 8.2.x through 9.3.0.x, contain an error message with sensitive information...
Moderate
Unreviewed
CVE-2022-31229
was published
Jun 29, 2022
IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could...
Moderate
Unreviewed
CVE-2021-39018
was published
Jul 15, 2022
An Information Disclosure vulnerability exists in dhcms 2017-09-18 when entering invalid...
Moderate
Unreviewed
CVE-2020-19275
was published
May 24, 2022
IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 10.1.0 through 10.1.3, and...
Moderate
Unreviewed
CVE-2019-4484
was published
May 24, 2022
IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 10.1.0 through 10.1.3, and...
Moderate
Unreviewed
CVE-2019-4485
was published
May 24, 2022
Hitachi Energy LinkOne product, has a vulnerability due to a web server misconfiguration, that...
Moderate
Unreviewed
CVE-2021-40338
was published
Jan 29, 2022
RSA BSAFE Micro Edition Suite versions prior to 4.1.6.3 (in 4.1.x) and prior to 4.4 (in 4.2.x and...
Moderate
Unreviewed
CVE-2019-3730
was published
May 24, 2022
Server metadata could be exposed because one of the error messages reflected the whole response...
Moderate
Unreviewed
CVE-2019-12156
was published
May 24, 2022
In affected versions of Octopus Deploy it is possible to reveal the Space ID of spaces that the...
Moderate
Unreviewed
CVE-2022-2760
was published
Sep 29, 2022
Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed an...
Moderate
Unreviewed
CVE-2020-6438
was published
May 24, 2022
IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to obtain sensitive information...
Moderate
Unreviewed
CVE-2019-4729
was published
May 24, 2022
Using XMLHttpRequest, an attacker could have identified installed applications by probing error...
Moderate
Unreviewed
CVE-2021-43542
was published
Dec 9, 2021
A vulnerability has been identified in Desigo Insight (All versions). Some error messages in the...
Moderate
Unreviewed
CVE-2020-15794
was published
May 24, 2022
IBM Security Directory Server 6.4.0 generates an error message that includes sensitive...
Moderate
Unreviewed
CVE-2019-4547
was published
May 24, 2022
IBM Security Key Lifecycle Manager 3.0.1 and 4.0 could allow a remote attacker to obtain...
Moderate
Unreviewed
CVE-2020-4846
was published
May 24, 2022
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0 through 6.0.3.2,...
Moderate
Unreviewed
CVE-2020-4761
was published
May 24, 2022
IBM Emptoris Contract Management and IBM Emptoris Spend Analysis 10.1.0, 10.1.1, and 10.1.3 could...
Moderate
Unreviewed
CVE-2020-4897
was published
May 24, 2022
IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a...
Moderate
Unreviewed
CVE-2020-4487
was published
May 24, 2022
IBM Security Secret Server 10.6 could allow a remote attacker to obtain sensitive information...
Moderate
Unreviewed
CVE-2020-4842
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API