GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,399

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

213 advisories

Filter by severity

Sort by

Least recently updated

IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 10.1.0 through 10.1.3, and... Moderate Unreviewed

CVE-2019-4484 was published May 24, 2022

Leakage of stack traces in remote access to backup & restore in earlier versions than ProSyst mBS... Moderate Unreviewed

CVE-2019-11602 was published May 24, 2022

RSA BSAFE Micro Edition Suite versions prior to 4.1.6.3 (in 4.1.x) and prior to 4.4 (in 4.2.x and... Moderate Unreviewed

CVE-2019-3730 was published May 24, 2022

Server metadata could be exposed because one of the error messages reflected the whole response... Moderate Unreviewed

CVE-2019-12156 was published May 24, 2022

IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and Liberty could allow a remote attacker to... Moderate Unreviewed

CVE-2019-4441 was published May 24, 2022

A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2 and 3.5.x before 3.5.4, when ... Moderate Unreviewed

CVE-2019-19342 was published May 24, 2022

An issue was discovered in SmartClient 12.0. If an unauthenticated attacker makes a POST request... Moderate Unreviewed

CVE-2020-9351 was published May 24, 2022

Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed an... Moderate Unreviewed

CVE-2020-6438 was published May 24, 2022

Diavante vue-storefront-api and storefront-api disclose stack trace Moderate

CVE-2020-11883 was published for storefront-api (npm) May 24, 2022

IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to obtain sensitive information... Moderate Unreviewed

CVE-2019-4729 was published May 24, 2022

Inappropriate implementation in accessibility in Google Chrome prior to 74.0.3729.108 allowed a... Moderate Unreviewed

CVE-2020-6503 was published May 24, 2022

A vulnerability has been identified in Desigo Insight (All versions). Some error messages in the... Moderate Unreviewed

CVE-2020-15794 was published May 24, 2022

IBM Security Directory Server 6.4.0 generates an error message that includes sensitive... Moderate Unreviewed

CVE-2019-4547 was published May 24, 2022

IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 could allow a remote attacker... Moderate Unreviewed

CVE-2020-4483 was published May 24, 2022

IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 could allow a... Moderate Unreviewed

CVE-2020-4907 was published May 24, 2022

IBM Security Key Lifecycle Manager 3.0.1 and 4.0 could allow a remote attacker to obtain... Moderate Unreviewed

CVE-2020-4846 was published May 24, 2022

HCL Domino v9, v10, v11 is susceptible to an Information Disclosure vulnerability in XPages due... Moderate Unreviewed

CVE-2020-14270 was published May 24, 2022

IBM Security Secret Server 10.6 could allow a remote attacker to obtain sensitive information... Moderate Unreviewed

CVE-2020-4842 was published May 24, 2022

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0 through 6.0.3.2,... Moderate Unreviewed

CVE-2020-4761 was published May 24, 2022

IBM Emptoris Contract Management and IBM Emptoris Spend Analysis 10.1.0, 10.1.1, and 10.1.3 could... Moderate Unreviewed

CVE-2020-4897 was published May 24, 2022

IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a... Moderate Unreviewed

CVE-2020-4544 was published May 24, 2022

IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a... Moderate Unreviewed

CVE-2020-4487 was published May 24, 2022

IBM Security Guardium Insights 2.0.2 could allow a remote attacker to obtain sensitive... Moderate Unreviewed

CVE-2020-4600 was published May 24, 2022

IBM Security Guardium Insights 2.0.2 could allow a remote attacker to obtain sensitive... Moderate Unreviewed

CVE-2020-4599 was published May 24, 2022

IBM Cloud Pak for Security (CP4S) 1.3.0.1 and 1.4.0.0 could allow a remote attacker to obtain... Moderate Unreviewed

CVE-2020-4628 was published May 24, 2022

Previous 1 2 3 4 5 … 8 9 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

213 advisories