GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,565
Composer 4,201
Erlang 31
GitHub Actions 19
Go 1,986
Maven 5,163
npm 3,702
NuGet 660
pip 3,328
Pub 11
RubyGems 883
Rust 843
Swift 36

Unreviewed advisories

All unreviewed 233,918

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

168 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability has been identified in Desigo Insight (All versions). Some error messages in the... Moderate Unreviewed

CVE-2020-15794 was published May 24, 2022

Inappropriate implementation in accessibility in Google Chrome prior to 74.0.3729.108 allowed a... Moderate Unreviewed

CVE-2020-6503 was published May 24, 2022

IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to obtain sensitive information... Moderate Unreviewed

CVE-2019-4729 was published May 24, 2022

Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed an... Moderate Unreviewed

CVE-2020-6438 was published May 24, 2022

An issue was discovered in SmartClient 12.0. If an unauthenticated attacker makes a POST request... Moderate Unreviewed

CVE-2020-9351 was published May 24, 2022

A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2 and 3.5.x before 3.5.4, when ... Moderate Unreviewed

CVE-2019-19342 was published May 24, 2022

IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and Liberty could allow a remote attacker to... Moderate Unreviewed

CVE-2019-4441 was published May 24, 2022

Server metadata could be exposed because one of the error messages reflected the whole response... Moderate Unreviewed

CVE-2019-12156 was published May 24, 2022

RSA BSAFE Micro Edition Suite versions prior to 4.1.6.3 (in 4.1.x) and prior to 4.4 (in 4.2.x and... Moderate Unreviewed

CVE-2019-3730 was published May 24, 2022

Leakage of stack traces in remote access to backup & restore in earlier versions than ProSyst mBS... Moderate Unreviewed

CVE-2019-11602 was published May 24, 2022

IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 10.1.0 through 10.1.3, and... Moderate Unreviewed

CVE-2019-4485 was published May 24, 2022

IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 10.1.0 through 10.1.3, and... Moderate Unreviewed

CVE-2019-4484 was published May 24, 2022

IBM Intelligent Operations Center V5.1.0 through V5.2.0 could disclose detailed error messages,... Moderate Unreviewed

CVE-2019-4420 was published May 24, 2022

IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 10.1.0 through 10.1.3, and... Moderate Unreviewed

CVE-2019-4308 was published May 24, 2022

IBM Spectrum Protect Operations Center 7.1 and 8.1 could allow a remote attacker to obtain... Moderate Unreviewed

CVE-2019-4129 was published May 24, 2022

Pydio Cells before 1.5.0, when supplied with a Name field in an unexpected Unicode format, fails... Moderate Unreviewed

CVE-2019-12903 was published May 24, 2022

IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 generates an error message that... Moderate Unreviewed

CVE-2019-4219 was published May 24, 2022

IBM InfoSphere Information Server 11.5 and 11.7 is affected by an information disclosure... Moderate Unreviewed

CVE-2019-4257 was published May 24, 2022

** DISPUTED ** A full path disclosure vulnerability was discovered in Matomo v3.9.1 where a user... Moderate Unreviewed

CVE-2019-12215 was published May 24, 2022

PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x... Moderate Unreviewed

CVE-2014-8161 was published May 17, 2022

In SAP HANA Extended Application Services, 1.0, an unauthenticated user could test if a given... Moderate Unreviewed

CVE-2018-2379 was published May 13, 2022

IBM Jazz Reporting Service (JRS) 5.0 and 6.0 could disclose sensitive information, including user... Moderate Unreviewed

CVE-2017-1370 was published May 13, 2022

In Johnson Controls Metasys System Versions 8.0 and prior and BCPro (BCM) all versions prior to 3... Moderate Unreviewed

CVE-2018-10624 was published May 13, 2022

In JForum 2.1.8, an unauthenticated, remote attacker can enumerate whether a user exists by using... Moderate Unreviewed

CVE-2019-7550 was published May 13, 2022

The Web server in 3CX version 15.5.8801.3 is vulnerable to Information Leakage, because of... Moderate Unreviewed

CVE-2018-14907 was published May 13, 2022

Previous 1 2 3 4 5 6 7 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

168 advisories