Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,900
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

208 advisories

Loading
The public share controller in the ownCloud server before version 10.8.0 allows a remote attacker... Moderate Unreviewed
CVE-2021-35947 was published May 24, 2022
In Apache Ofbiz, versions v17.12.01 to v17.12.07 implement a try catch exception to handle errors... High Unreviewed
CVE-2021-25958 was published May 24, 2022
A verbose error message in GitLab EE affecting all versions since 12.2 could disclose the private... Moderate Unreviewed
CVE-2021-22249 was published May 24, 2022
In SapphireIMS 4097_1, it is possible to guess the registered/active usernames of the software... High Unreviewed
CVE-2017-16629 was published May 24, 2022
IBM i2 Analyst's Notebook Premium 9.2.0, 9.2.1, and 9.2.2 could allow a remote attacker to obtain... Moderate Unreviewed
CVE-2021-29767 was published May 24, 2022
IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) could allow a remote... Moderate Unreviewed
CVE-2021-29766 was published May 24, 2022
IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) could allow a remote... Moderate Unreviewed
CVE-2021-20430 was published May 24, 2022
IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2 could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2021-29784 was published May 24, 2022
IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2021-20523 was published May 24, 2022
IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2021-20499 was published May 24, 2022
A vulnerability has been identified in Teamcenter Active Workspace V4 (All versions < V4.3.9),... Moderate Unreviewed
CVE-2021-33711 was published May 24, 2022
IBM Cloud Pak for Applications 4.3 could allow a remote attacker to obtain sensitive information... Moderate Unreviewed
CVE-2021-20424 was published May 24, 2022
IBM Guardium Data Encryption (GDE) 4.0.0.4 could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2021-20417 was published May 24, 2022
IBM Guardium Data Encryption (GDE) 4.0.0.4 could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2021-20413 was published May 24, 2022
White Shark System (WSS) 1.3.2 has web site physical path leakage vulnerability. Moderate Unreviewed
CVE-2020-20470 was published May 24, 2022
Zoho ManageEngine ServiceDesk Plus MSP before 10519 is vulnerable to a User Enumeration bug due... Moderate Unreviewed
CVE-2021-31159 was published May 24, 2022
E-Series SANtricity OS Controller Software 11.x versions prior to 11.70.1 are susceptible to a... Moderate Unreviewed
CVE-2021-26997 was published May 24, 2022
SSL Network Extender Client for Linux before build 800008302 reveals part of the contents of the... Moderate Unreviewed
CVE-2021-30357 was published May 24, 2022
IBM Jazz Foundation and IBM Engineering products could allow a remote attacker to obtain... Moderate Unreviewed
CVE-2021-20371 was published May 24, 2022
IBM Security Guardium 11.2 could allow a remote attacker to obtain sensitive information when a... Moderate Unreviewed
CVE-2021-20428 was published May 24, 2022
IBM Security Identity Manager 7.0.2 could allow a remote attacker to obtain sensitive information... High Unreviewed
CVE-2021-29688 was published May 24, 2022
IBM Security Identity Manager 7.0.2 could allow a remote attacker to obtain sensitive information... Moderate Unreviewed
CVE-2021-29682 was published May 24, 2022
The JSON web services in Liferay Portal 7.3.4 and earlier, and Liferay DXP 7.0 before fix pack 97... Moderate Unreviewed
CVE-2021-29040 was published May 24, 2022
IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could allow a remote attacker to obtain... High Unreviewed
CVE-2021-20393 was published May 24, 2022
An information disclosure vulnerability in ILIAS before 5.3.19, 5.4.12 and 6.0 allows remote... Moderate Unreviewed
CVE-2020-23995 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API