Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,344
Erlang
31
GitHub Actions
22
Go
2,111
Maven
5,000+
npm
3,767
NuGet
680
pip
3,453
Pub
12
RubyGems
892
Rust
888
Swift
37
Unreviewed advisories
All unreviewed
5,000+

334 advisories

Loading
Diavante vue-storefront-api and storefront-api disclose stack trace Moderate
CVE-2020-11883 was published for storefront-api (npm) May 24, 2022
Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed an... Moderate Unreviewed
CVE-2020-6438 was published May 24, 2022
An issue was discovered in SmartClient 12.0. If an unauthenticated attacker makes a POST request... Moderate Unreviewed
CVE-2020-9351 was published May 24, 2022
A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2 and 3.5.x before 3.5.4, when ... Moderate Unreviewed
CVE-2019-19342 was published May 24, 2022
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and Liberty could allow a remote attacker to... Moderate Unreviewed
CVE-2019-4441 was published May 24, 2022
Server metadata could be exposed because one of the error messages reflected the whole response... Moderate Unreviewed
CVE-2019-12156 was published May 24, 2022
RSA BSAFE Micro Edition Suite versions prior to 4.1.6.3 (in 4.1.x) and prior to 4.4 (in 4.2.x and... Moderate Unreviewed
CVE-2019-3730 was published May 24, 2022
In the Android kernel in the video driver there is a kernel pointer leak due to a WARN_ON... Low Unreviewed
CVE-2019-9455 was published May 24, 2022
Leakage of stack traces in remote access to backup & restore in earlier versions than ProSyst mBS... Moderate Unreviewed
CVE-2019-11602 was published May 24, 2022
IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 10.1.0 through 10.1.3, and... Moderate Unreviewed
CVE-2019-4485 was published May 24, 2022
IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 10.1.0 through 10.1.3, and... Moderate Unreviewed
CVE-2019-4484 was published May 24, 2022
IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 10.1.0 through 10.1.3, and... Moderate Unreviewed
CVE-2019-4308 was published May 24, 2022
IBM Intelligent Operations Center V5.1.0 through V5.2.0 could disclose detailed error messages,... Moderate Unreviewed
CVE-2019-4420 was published May 24, 2022
OpenStack Nova Server Resource Faults Leak External Exception Details High
CVE-2019-14433 was published for nova (pip) May 24, 2022
IBM Spectrum Protect Operations Center 7.1 and 8.1 could allow a remote attacker to obtain... Moderate Unreviewed
CVE-2019-4129 was published May 24, 2022
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin Console could allow a remote... High Unreviewed
CVE-2019-4269 was published May 24, 2022
Pydio Cells before 1.5.0, when supplied with a Name field in an unexpected Unicode format, fails... Moderate Unreviewed
CVE-2019-12903 was published May 24, 2022
IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 generates an error message that... Moderate Unreviewed
CVE-2019-4219 was published May 24, 2022
IBM InfoSphere Information Server 11.5 and 11.7 is affected by an information disclosure... Moderate Unreviewed
CVE-2019-4257 was published May 24, 2022
** DISPUTED ** A full path disclosure vulnerability was discovered in Matomo v3.9.1 where a user... Moderate Unreviewed
CVE-2019-12215 was published May 24, 2022
PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x... Moderate Unreviewed
CVE-2014-8161 was published May 17, 2022
Weblate user account enumeration via reset password form Moderate
CVE-2017-5537 was published for weblate (pip) May 17, 2022
389-ds-base version before 1.3.5.19 and 1.3.6.7 are vulnerable to password brute-force attacks... Critical Unreviewed
CVE-2017-7551 was published May 14, 2022
Apache Ambari, version 2.5.0 to 2.6.2, passwords for Hadoop credential stores are exposed in... High Unreviewed
CVE-2018-8042 was published May 13, 2022
In SAP HANA Extended Application Services, 1.0, an unauthenticated user could test if a given... Moderate Unreviewed
CVE-2018-2379 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database