GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,086
Composer 4,077
Erlang 29
GitHub Actions 19
Go 1,900
Maven 5,098
npm 3,630
NuGet 638
pip 3,244
Pub 10
RubyGems 863
Rust 818
Swift 35

Unreviewed advisories

All unreviewed 228,414

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

280 advisories

Filter by severity

Sort by

Least recently updated

Trend Micro Antivirus for Mac 2020 (Consumer) contains an Error Message Information Disclosure... Moderate Unreviewed

CVE-2020-27015 was published May 24, 2022

htsearch program in htDig 3.2 beta, 3.1.6, 3.1.5, and earlier allows remote attackers to... Moderate Unreviewed

CVE-2000-1191 was published Apr 30, 2022

IBM Security Verify Governance, Identity Manager 10.01 could allow a remote attacker to obtain... Moderate Unreviewed

CVE-2022-22449 was published Dec 24, 2022

When importing resources using Web Workers, error messages would distinguish the difference... Moderate Unreviewed

CVE-2022-22760 was published Dec 22, 2022

IBM Sterling B2B Integrator 6.0.0.0 and 6.0.0.1 reveals sensitive information from a stack trace... Moderate Unreviewed

CVE-2019-4377 was published May 24, 2022

Alotcer - AR7088H-A firmware version 16.10.3 Information disclosure. Unspecified error message... Moderate Unreviewed

CVE-2022-46371 was published Jan 12, 2023

IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 10.1.0 through 10.1.3, and... Moderate Unreviewed

CVE-2019-4308 was published May 24, 2022

IBM Intelligent Operations Center V5.1.0 through V5.2.0 could disclose detailed error messages,... Moderate Unreviewed

CVE-2019-4420 was published May 24, 2022

A server-generated error message containing sensitive information in Fortinet FortiOS 7.0.0... Moderate Unreviewed

CVE-2021-43206 was published May 5, 2022

When handling a mismatched pre-authentication cookie, the application leaks the internal error... Moderate Unreviewed

CVE-2022-26070 was published May 7, 2022

IBM Guardium Data Encryption (GDE) 4.0.0 and 5.0.0 could allow a remote attacker to obtain... High Unreviewed

CVE-2021-39023 was published May 7, 2022

An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before... High Unreviewed

CVE-2019-9223 was published May 13, 2022

IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and Liberty could allow a remote attacker to... Moderate Unreviewed

CVE-2019-4441 was published May 24, 2022

Microsoft .NET Framework 1.1 SP1, 2.0 SP1 and SP2, 3.5, 3.5 SP1, 3.5.1, and 4.0, as used for ASP... Moderate Unreviewed

CVE-2010-3332 was published May 13, 2022

The application allowed for Unauthenticated User Enumeration by interacting with an unsecured... Moderate Unreviewed

CVE-2022-40292 was published Nov 1, 2022

Exposure of class information in RESTEasy Moderate

CVE-2021-20289 was published for org.jboss.resteasy:resteasy-core (Maven) Apr 7, 2021

The Web server in 3CX version 15.5.8801.3 is vulnerable to Information Leakage, because of... Moderate Unreviewed

CVE-2018-14907 was published May 13, 2022

Generation of Error Message Containing Sensitive Information in postgresql Moderate Unreviewed

CVE-2021-3393 was published Feb 15, 2022

IBM Tivoli Key Lifecycle Manager (IBM Security Guardium Key Lifecycle Manager) 3.0, 3.0.1, 4.0,... Moderate Unreviewed

CVE-2021-38980 was published Nov 24, 2021

In JForum 2.1.8, an unauthenticated, remote attacker can enumerate whether a user exists by using... Moderate Unreviewed

CVE-2019-7550 was published May 13, 2022

The GlobalProtect external interface in Palo Alto Networks PAN-OS before 6.1.17, 7.x before 7.0... Critical Unreviewed

CVE-2017-7945 was published May 13, 2022

IBM Jazz Reporting Service (JRS) 5.0 and 6.0 could disclose sensitive information, including user... Moderate Unreviewed

CVE-2017-1370 was published May 13, 2022

Matera Banco 1.0.0 mishandles Java errors in the backend, as demonstrated by a stack trace... Critical Unreviewed

CVE-2018-14925 was published May 13, 2022

An issue was discovered in Joomla! Core before 3.8.8. The web install application would autofill... Critical Unreviewed

CVE-2018-11325 was published May 13, 2022

Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism... High Unreviewed

CVE-2018-17961 was published May 13, 2022

Previous 1 2 3 4 5 6 7 … 11 12 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

280 advisories