GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,399

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

213 advisories

Filter by severity

Sort by

Least recently updated

IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a remote attacker to obtain... Moderate Unreviewed

CVE-2021-20402 was published May 24, 2022

If Content Security Policy blocked frame navigation, the full destination of a redirect served in... Moderate Unreviewed

CVE-2021-23968 was published May 24, 2022

When trying to load a cross-origin resource in an audio/video context a decoding error may have... Moderate Unreviewed

CVE-2021-23973 was published May 24, 2022

IBM OpenPages GRC Platform 8.1 could allow a remote attacker to obtain sensitive information when... Moderate Unreviewed

CVE-2020-4536 was published May 24, 2022

An Information Disclosure vulnerability exists in dhcms 2017-09-18 when entering invalid... Moderate Unreviewed

CVE-2020-19275 was published May 24, 2022

A vulnerability has been identified in Mendix Excel Importer Module (All versions < V9.0.3).... Moderate Unreviewed

CVE-2021-31339 was published May 24, 2022

A vulnerability has been identified in Mendix Database Replication (All versions < V7.0.1).... Moderate Unreviewed

CVE-2021-31341 was published May 24, 2022

An information disclosure vulnerability in ILIAS before 5.3.19, 5.4.12 and 6.0 allows remote... Moderate Unreviewed

CVE-2020-23995 was published May 24, 2022

The JSON web services in Liferay Portal 7.3.4 and earlier, and Liferay DXP 7.0 before fix pack 97... Moderate Unreviewed

CVE-2021-29040 was published May 24, 2022

IBM Security Identity Manager 7.0.2 could allow a remote attacker to obtain sensitive information... Moderate Unreviewed

CVE-2021-29682 was published May 24, 2022

IBM Security Guardium 11.2 could allow a remote attacker to obtain sensitive information when a... Moderate Unreviewed

CVE-2021-20428 was published May 24, 2022

IBM Jazz Foundation and IBM Engineering products could allow a remote attacker to obtain... Moderate Unreviewed

CVE-2021-20371 was published May 24, 2022

SSL Network Extender Client for Linux before build 800008302 reveals part of the contents of the... Moderate Unreviewed

CVE-2021-30357 was published May 24, 2022

E-Series SANtricity OS Controller Software 11.x versions prior to 11.70.1 are susceptible to a... Moderate Unreviewed

CVE-2021-26997 was published May 24, 2022

Zoho ManageEngine ServiceDesk Plus MSP before 10519 is vulnerable to a User Enumeration bug due... Moderate Unreviewed

CVE-2021-31159 was published May 24, 2022

White Shark System (WSS) 1.3.2 has web site physical path leakage vulnerability. Moderate Unreviewed

CVE-2020-20470 was published May 24, 2022

IBM Guardium Data Encryption (GDE) 4.0.0.4 could allow a remote attacker to obtain sensitive... Moderate Unreviewed

CVE-2021-20413 was published May 24, 2022

IBM Guardium Data Encryption (GDE) 4.0.0.4 could allow a remote attacker to obtain sensitive... Moderate Unreviewed

CVE-2021-20417 was published May 24, 2022

IBM Cloud Pak for Applications 4.3 could allow a remote attacker to obtain sensitive information... Moderate Unreviewed

CVE-2021-20424 was published May 24, 2022

A vulnerability has been identified in Teamcenter Active Workspace V4 (All versions < V4.3.9),... Moderate Unreviewed

CVE-2021-33711 was published May 24, 2022

IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to obtain sensitive... Moderate Unreviewed

CVE-2021-20499 was published May 24, 2022

IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to obtain sensitive... Moderate Unreviewed

CVE-2021-20523 was published May 24, 2022

Generation of Error Message Containing Sensitive Information in Elasticsearch Moderate

CVE-2021-22145 was published for org.elasticsearch.client:elasticsearch-rest-client (Maven) May 24, 2022

IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) could allow a remote... Moderate Unreviewed

CVE-2021-29766 was published May 24, 2022

IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2 could allow a remote attacker to obtain sensitive... Moderate Unreviewed

CVE-2021-29784 was published May 24, 2022

Previous 1 2 3 4 5 6 7 8 9 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

213 advisories