Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,900
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

280 advisories

Loading
IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a... Moderate Unreviewed
CVE-2020-4487 was published May 24, 2022
IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a... Moderate Unreviewed
CVE-2020-4544 was published May 24, 2022
IBM Security Guardium Insights 2.0.2 could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2020-4599 was published May 24, 2022
IBM Security Guardium Insights 2.0.2 could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2020-4600 was published May 24, 2022
IBM Cloud Pak for Security (CP4S) 1.3.0.1 and 1.4.0.0 could allow a remote attacker to obtain... Moderate Unreviewed
CVE-2020-4628 was published May 24, 2022
IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a remote attacker to obtain... Moderate Unreviewed
CVE-2021-20402 was published May 24, 2022
Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are... Low Unreviewed
CVE-2019-18947 was published May 24, 2022
If Content Security Policy blocked frame navigation, the full destination of a redirect served in... Moderate Unreviewed
CVE-2021-23968 was published May 24, 2022
When trying to load a cross-origin resource in an audio/video context a decoding error may have... Moderate Unreviewed
CVE-2021-23973 was published May 24, 2022
An issue has been discovered in GitLab affecting all versions starting with 7.1. A member of a... Low Unreviewed
CVE-2021-22193 was published May 24, 2022
IBM OpenPages GRC Platform 8.1 could allow a remote attacker to obtain sensitive information when... Moderate Unreviewed
CVE-2020-4536 was published May 24, 2022
An Information Disclosure vulnerability exists in dhcms 2017-09-18 when entering invalid... Moderate Unreviewed
CVE-2020-19275 was published May 24, 2022
A vulnerability has been identified in Mendix Database Replication (All versions < V7.0.1).... Moderate Unreviewed
CVE-2021-31341 was published May 24, 2022
A vulnerability has been identified in Mendix Excel Importer Module (All versions < V9.0.3).... Moderate Unreviewed
CVE-2021-31339 was published May 24, 2022
An information disclosure vulnerability in ILIAS before 5.3.19, 5.4.12 and 6.0 allows remote... Moderate Unreviewed
CVE-2020-23995 was published May 24, 2022
IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could allow a remote attacker to obtain... High Unreviewed
CVE-2021-20393 was published May 24, 2022
The JSON web services in Liferay Portal 7.3.4 and earlier, and Liferay DXP 7.0 before fix pack 97... Moderate Unreviewed
CVE-2021-29040 was published May 24, 2022
IBM Security Identity Manager 7.0.2 could allow a remote attacker to obtain sensitive information... High Unreviewed
CVE-2021-29688 was published May 24, 2022
IBM Security Identity Manager 7.0.2 could allow a remote attacker to obtain sensitive information... Moderate Unreviewed
CVE-2021-29682 was published May 24, 2022
IBM Security Guardium 11.2 could allow a remote attacker to obtain sensitive information when a... Moderate Unreviewed
CVE-2021-20428 was published May 24, 2022
IBM Jazz Foundation and IBM Engineering products could allow a remote attacker to obtain... Moderate Unreviewed
CVE-2021-20371 was published May 24, 2022
SSL Network Extender Client for Linux before build 800008302 reveals part of the contents of the... Moderate Unreviewed
CVE-2021-30357 was published May 24, 2022
E-Series SANtricity OS Controller Software 11.x versions prior to 11.70.1 are susceptible to a... Moderate Unreviewed
CVE-2021-26997 was published May 24, 2022
Zoho ManageEngine ServiceDesk Plus MSP before 10519 is vulnerable to a User Enumeration bug due... Moderate Unreviewed
CVE-2021-31159 was published May 24, 2022
White Shark System (WSS) 1.3.2 has web site physical path leakage vulnerability. Moderate Unreviewed
CVE-2020-20470 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API