Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+

315 advisories

Loading
htsearch program in htDig 3.2 beta, 3.1.6, 3.1.5, and earlier allows remote attackers to... Moderate Unreviewed
CVE-2000-1191 was published Apr 30, 2022
IBM Security Verify Governance, Identity Manager 10.01 could allow a remote attacker to obtain... Moderate Unreviewed
CVE-2022-22449 was published Dec 24, 2022
When importing resources using Web Workers, error messages would distinguish the difference... Moderate Unreviewed
CVE-2022-22760 was published Dec 22, 2022
IBM Sterling B2B Integrator 6.0.0.0 and 6.0.0.1 reveals sensitive information from a stack trace... Moderate Unreviewed
CVE-2019-4377 was published May 24, 2022
Alotcer - AR7088H-A firmware version 16.10.3 Information disclosure. Unspecified error message... Moderate Unreviewed
CVE-2022-46371 was published Jan 12, 2023
IBM Intelligent Operations Center V5.1.0 through V5.2.0 could disclose detailed error messages,... Moderate Unreviewed
CVE-2019-4420 was published May 24, 2022
IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 10.1.0 through 10.1.3, and... Moderate Unreviewed
CVE-2019-4308 was published May 24, 2022
A server-generated error message containing sensitive information in Fortinet FortiOS 7.0.0... Moderate Unreviewed
CVE-2021-43206 was published May 5, 2022
When handling a mismatched pre-authentication cookie, the application leaks the internal error... Moderate Unreviewed
CVE-2022-26070 was published May 7, 2022
IBM Guardium Data Encryption (GDE) 4.0.0 and 5.0.0 could allow a remote attacker to obtain... High Unreviewed
CVE-2021-39023 was published May 7, 2022
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before... High Unreviewed
CVE-2019-9223 was published May 13, 2022
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and Liberty could allow a remote attacker to... Moderate Unreviewed
CVE-2019-4441 was published May 24, 2022
Microsoft .NET Framework 1.1 SP1, 2.0 SP1 and SP2, 3.5, 3.5 SP1, 3.5.1, and 4.0, as used for ASP... Moderate Unreviewed
CVE-2010-3332 was published May 13, 2022
The application allowed for Unauthenticated User Enumeration by interacting with an unsecured... Moderate Unreviewed
CVE-2022-40292 was published Nov 1, 2022
Exposure of class information in RESTEasy Moderate
CVE-2021-20289 was published for org.jboss.resteasy:resteasy-core (Maven) Apr 7, 2021
The Web server in 3CX version 15.5.8801.3 is vulnerable to Information Leakage, because of... Moderate Unreviewed
CVE-2018-14907 was published May 13, 2022
Generation of Error Message Containing Sensitive Information in postgresql Moderate Unreviewed
CVE-2021-3393 was published Feb 15, 2022
IBM Tivoli Key Lifecycle Manager (IBM Security Guardium Key Lifecycle Manager) 3.0, 3.0.1, 4.0,... Moderate Unreviewed
CVE-2021-38980 was published Nov 24, 2021
In JForum 2.1.8, an unauthenticated, remote attacker can enumerate whether a user exists by using... Moderate Unreviewed
CVE-2019-7550 was published May 13, 2022
The GlobalProtect external interface in Palo Alto Networks PAN-OS before 6.1.17, 7.x before 7.0... Critical Unreviewed
CVE-2017-7945 was published May 13, 2022
IBM Jazz Reporting Service (JRS) 5.0 and 6.0 could disclose sensitive information, including user... Moderate Unreviewed
CVE-2017-1370 was published May 13, 2022
An issue was discovered in Joomla! Core before 3.8.8. The web install application would autofill... Critical Unreviewed
CVE-2018-11325 was published May 13, 2022
Matera Banco 1.0.0 mishandles Java errors in the backend, as demonstrated by a stack trace... Critical Unreviewed
CVE-2018-14925 was published May 13, 2022
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism... High Unreviewed
CVE-2018-17961 was published May 13, 2022
In SAP HANA Extended Application Services, 1.0, an unauthenticated user could test if a given... Moderate Unreviewed
CVE-2018-2379 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database