GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,018
Composer 4,300
Erlang 31
GitHub Actions 21
Go 2,069
Maven 5,241
npm 3,744
NuGet 668
pip 3,429
Pub 12
RubyGems 892
Rust 880
Swift 36

Unreviewed advisories

All unreviewed 240,529

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

178 advisories

Filter by severity

Sort by

Least recently updated

In affected versions of Octopus Server it is possible to reveal the existence of resources in a... Moderate Unreviewed

CVE-2022-2508 was published Oct 27, 2022

Sensitive information could be displayed when a detailed technical error message is posted. This... Moderate Unreviewed

CVE-2022-38107 was published Oct 20, 2022

In affected versions of Octopus Deploy it is possible to reveal the Space ID of spaces that the... Moderate Unreviewed

CVE-2022-2760 was published Sep 29, 2022

Information Exposure Through an Error Message vulnerability in Hitachi RAID Manager Storage... Moderate Unreviewed

CVE-2022-34882 was published Sep 7, 2022

IBM Sterling File Gateway 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6... Moderate Unreviewed

CVE-2021-39086 was published Aug 17, 2022

IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could... Moderate Unreviewed

CVE-2021-39018 was published Jul 15, 2022

Dell PowerScale OneFS, 8.2.x through 9.3.0.x, contain an error message with sensitive information... Moderate Unreviewed

CVE-2022-31229 was published Jun 29, 2022

Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is... Moderate Unreviewed

CVE-2022-26973 was published Jun 3, 2022

Trend Micro Antivirus for Mac 2020 (Consumer) contains an Error Message Information Disclosure... Moderate Unreviewed

CVE-2020-27015 was published May 24, 2022

IBM Sterling B2B Integrator 6.0.0.0 and 6.0.0.1 reveals sensitive information from a stack trace... Moderate Unreviewed

CVE-2019-4377 was published May 24, 2022

IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 could allow a remote attacker to obtain... Moderate Unreviewed

CVE-2021-38981 was published May 24, 2022

A vulnerability in the web-based dashboard of Cisco Umbrella could allow an authenticated, remote... Moderate Unreviewed

CVE-2021-40126 was published May 24, 2022

/way4acs/enroll in OpenWay WAY4 ACS before 1.2.278-2693 allows unauthenticated attackers to... Moderate Unreviewed

CVE-2021-35060 was published May 24, 2022

IBM Sterling File Gateway 6.0.0.0 through 6.1.1.0 could allow a remote attacker to obtain... Moderate Unreviewed

CVE-2021-20552 was published May 24, 2022

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker... Moderate Unreviewed

CVE-2021-1546 was published May 24, 2022

IBM Edge 4.2 could reveal sensitive version information about the server from error pages that... Moderate Unreviewed

CVE-2020-4941 was published May 24, 2022

IBM Security Guardium 11.3 could allow a remote attacker to obtain sensitive information when a... Moderate Unreviewed

CVE-2021-20377 was published May 24, 2022

IBM Sterling File Gateway 2.2.0.0 through 6.1.0.3 could allow a remote attacker to obtain... Moderate Unreviewed

CVE-2021-20485 was published May 24, 2022

IBM Security Secret Server up to 11.0 could allow a remote attacker to obtain sensitive... Moderate Unreviewed

CVE-2021-20508 was published May 24, 2022

The public share controller in the ownCloud server before version 10.8.0 allows a remote attacker... Moderate Unreviewed

CVE-2021-35947 was published May 24, 2022

A verbose error message in GitLab EE affecting all versions since 12.2 could disclose the private... Moderate Unreviewed

CVE-2021-22249 was published May 24, 2022

IBM i2 Analyst's Notebook Premium 9.2.0, 9.2.1, and 9.2.2 could allow a remote attacker to obtain... Moderate Unreviewed

CVE-2021-29767 was published May 24, 2022

IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) could allow a remote... Moderate Unreviewed

CVE-2021-20430 was published May 24, 2022

IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2 could allow a remote attacker to obtain sensitive... Moderate Unreviewed

CVE-2021-29784 was published May 24, 2022

IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) could allow a remote... Moderate Unreviewed

CVE-2021-29766 was published May 24, 2022

Previous 1 2 3 4 5 6 7 8 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

178 advisories