Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

25 advisories

Loading
This vulnerability exists in the Wave 2.0 due to improper exception handling for invalid inputs... High Unreviewed
CVE-2024-51560 was published Nov 4, 2024
An issue was discovered in Ollama through 0.3.14. File existence disclosure can occur via api... High Unreviewed
CVE-2024-39719 was published Oct 31, 2024
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability High Unreviewed
CVE-2024-28939 was published Apr 9, 2024
.NET Framework Information Disclosure Vulnerability High Unreviewed
CVE-2024-29059 was published Mar 23, 2024
Credential disclosure in the '/webs/userpasswd.htm' endpoint in Juplink RX4-1500 Wifi router... High Unreviewed
CVE-2023-41027 was published Sep 22, 2023
IBM Security Verify Information Queue 10.0.4 and 10.0.5 could allow a remote attacker to obtain... High Unreviewed
CVE-2023-33835 was published Aug 31, 2023
Server information leak of configuration data when an error is generated in response to a... High Unreviewed
CVE-2023-25948 was published Jul 13, 2023
MISP 2.4.172 mishandles different certificate file extensions in server sync. An attacker can... High Unreviewed
CVE-2023-37306 was published Jun 30, 2023
IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.2.0 through 3.2.7... High Unreviewed
CVE-2020-5026 was published Mar 2, 2023
Dell Wyse Management Suite 3.6.1 and below contains Information Disclosure in Devices error pages... High Unreviewed
CVE-2022-33930 was published Aug 11, 2022
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive... High Unreviewed
CVE-2022-35715 was published Aug 11, 2022
In Apache Ofbiz, versions v17.12.01 to v17.12.07 implement a try catch exception to handle errors... High Unreviewed
CVE-2021-25958 was published May 24, 2022
In SapphireIMS 4097_1, it is possible to guess the registered/active usernames of the software... High Unreviewed
CVE-2017-16629 was published May 24, 2022
IBM Security Identity Manager 7.0.2 could allow a remote attacker to obtain sensitive information... High Unreviewed
CVE-2021-29688 was published May 24, 2022
IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could allow a remote attacker to obtain... High Unreviewed
CVE-2021-20393 was published May 24, 2022
IBM i2 iBase 8.9.13 could allow a remote attacker to obtain sensitive information when a detailed... High Unreviewed
CVE-2020-4584 was published May 24, 2022
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin Console could allow a remote... High Unreviewed
CVE-2019-4269 was published May 24, 2022
Apache Ambari, version 2.5.0 to 2.6.2, passwords for Hadoop credential stores are exposed in... High Unreviewed
CVE-2018-8042 was published May 13, 2022
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism... High Unreviewed
CVE-2018-17961 was published May 13, 2022
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before... High Unreviewed
CVE-2019-9223 was published May 13, 2022
IBM Guardium Data Encryption (GDE) 4.0.0 and 5.0.0 could allow a remote attacker to obtain... High Unreviewed
CVE-2021-39023 was published May 7, 2022
In APache APISIX before 3.13.1, an attacker can obtain a plugin-configured secret via an error... High Unreviewed
CVE-2022-29266 was published Apr 21, 2022
An attacker can gain knowledge of a session temporary working folder where the getfile and... High Unreviewed
CVE-2021-32937 was published Apr 3, 2022
A remote code execution vulnerability affecting a Valmet DNA service listening on TCP port 1517,... High Unreviewed
CVE-2021-26726 was published Feb 17, 2022
A Generation of Error Message Containing Sensitive Information vulnerability in the CLI of... High Unreviewed
CVE-2022-22162 was published Jan 20, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database