GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,900
Maven: 5,000+
npm: 3,630
NuGet: 638
pip: 3,244
Pub: 10
RubyGems: 863
Rust: 818
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
208 advisories
When importing resources using Web Workers, error messages would distinguish the difference...
Moderate | Unreviewed | CVE-2022-22760 was published Dec 22, 2022
Generation of Error Message Containing Sensitive Information vulnerability in Hitachi JP1...
Low | Unreviewed | CVE-2022-34881 was published Dec 6, 2022
The application allowed for Unauthenticated User Enumeration by interacting with an unsecured...
Moderate | Unreviewed | CVE-2022-40292 was published Nov 1, 2022
Stimulsoft (aka Stimulsoft Reports) 2013.1.1600.0, when Compilation Mode is used, allows an...
Critical | Unreviewed | CVE-2021-42777 was published Oct 29, 2022
In affected versions of Octopus Server it is possible to reveal the existence of resources in a...
Moderate | Unreviewed | CVE-2022-2508 was published Oct 27, 2022
Sensitive information could be displayed when a detailed technical error message is posted. This...
Moderate | Unreviewed | CVE-2022-38107 was published Oct 20, 2022
In affected versions of Octopus Deploy it is possible to reveal the Space ID of spaces that the...
Moderate | Unreviewed | CVE-2022-2760 was published Sep 29, 2022
Information Exposure Through an Error Message vulnerability in Hitachi RAID Manager Storage...
Moderate | Unreviewed | CVE-2022-34882 was published Sep 7, 2022
IBM Sterling File Gateway 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6...
Moderate | Unreviewed | CVE-2021-39086 was published Aug 17, 2022
Dell Wyse Management Suite 3.6.1 and below contains Information Disclosure in Devices error pages...
High | Unreviewed | CVE-2022-33930 was published Aug 11, 2022
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive...
High | Unreviewed | CVE-2022-35715 was published Aug 11, 2022
IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could...
Moderate | Unreviewed | CVE-2021-39018 was published Jul 15, 2022
Dell PowerScale OneFS, 8.2.x through 9.3.0.x, contain an error message with sensitive information...
Moderate | Unreviewed | CVE-2022-31229 was published Jun 29, 2022
Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is...
Moderate | Unreviewed | CVE-2022-26973 was published Jun 3, 2022
Trend Micro Antivirus for Mac 2020 (Consumer) contains an Error Message Information Disclosure...
Moderate | Unreviewed | CVE-2020-27015 was published May 24, 2022
IBM Sterling B2B Integrator 6.0.0.0 and 6.0.0.1 reveals sensitive information from a stack trace...
Moderate | Unreviewed | CVE-2019-4377 was published May 24, 2022
IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 could allow a remote attacker to obtain...
Moderate | Unreviewed | CVE-2021-38981 was published May 24, 2022
A vulnerability in the web-based dashboard of Cisco Umbrella could allow an authenticated, remote...
Moderate | Unreviewed | CVE-2021-40126 was published May 24, 2022
/way4acs/enroll in OpenWay WAY4 ACS before 1.2.278-2693 allows unauthenticated attackers to...
Moderate | Unreviewed | CVE-2021-35060 was published May 24, 2022
IBM Sterling File Gateway 6.0.0.0 through 6.1.1.0 could allow a remote attacker to obtain...
Moderate | Unreviewed | CVE-2021-20552 was published May 24, 2022
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker...
Moderate | Unreviewed | CVE-2021-1546 was published May 24, 2022
IBM Security Guardium 11.3 could allow a remote attacker to obtain sensitive information when a...
Moderate | Unreviewed | CVE-2021-20377 was published May 24, 2022
IBM Edge 4.2 could reveal sensitive version information about the server from error pages that...
Moderate | Unreviewed | CVE-2020-4941 was published May 24, 2022
IBM Sterling File Gateway 2.2.0.0 through 6.1.0.3 could allow a remote attacker to obtain...
Moderate | Unreviewed | CVE-2021-20485 was published May 24, 2022
IBM Security Secret Server up to 11.0 could allow a remote attacker to obtain sensitive...
Moderate | Unreviewed | CVE-2021-20508 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.