GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,003
Maven
5,000+
npm
3,714
NuGet
661
pip
3,387
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
306 advisories
Filter by severity
A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2 and 3.5.x before 3.5.4, when ...
Moderate
Unreviewed
CVE-2019-19342
was published
May 24, 2022
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and Liberty could allow a remote attacker to...
Moderate
Unreviewed
CVE-2019-4441
was published
May 24, 2022
Server metadata could be exposed because one of the error messages reflected the whole response...
Moderate
Unreviewed
CVE-2019-12156
was published
May 24, 2022
RSA BSAFE Micro Edition Suite versions prior to 4.1.6.3 (in 4.1.x) and prior to 4.4 (in 4.2.x and...
Moderate
Unreviewed
CVE-2019-3730
was published
May 24, 2022
In the Android kernel in the video driver there is a kernel pointer leak due to a WARN_ON...
Low
Unreviewed
CVE-2019-9455
was published
May 24, 2022
Leakage of stack traces in remote access to backup & restore in earlier versions than ProSyst mBS...
Moderate
Unreviewed
CVE-2019-11602
was published
May 24, 2022
IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 10.1.0 through 10.1.3, and...
Moderate
Unreviewed
CVE-2019-4484
was published
May 24, 2022
IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 10.1.0 through 10.1.3, and...
Moderate
Unreviewed
CVE-2019-4485
was published
May 24, 2022
IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 10.1.0 through 10.1.3, and...
Moderate
Unreviewed
CVE-2019-4308
was published
May 24, 2022
IBM Intelligent Operations Center V5.1.0 through V5.2.0 could disclose detailed error messages,...
Moderate
Unreviewed
CVE-2019-4420
was published
May 24, 2022
OpenStack Nova Server Resource Faults Leak External Exception Details
High
CVE-2019-14433
was published
for
nova
(pip)
May 24, 2022
IBM Spectrum Protect Operations Center 7.1 and 8.1 could allow a remote attacker to obtain...
Moderate
Unreviewed
CVE-2019-4129
was published
May 24, 2022
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin Console could allow a remote...
High
Unreviewed
CVE-2019-4269
was published
May 24, 2022
Pydio Cells before 1.5.0, when supplied with a Name field in an unexpected Unicode format, fails...
Moderate
Unreviewed
CVE-2019-12903
was published
May 24, 2022
IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 generates an error message that...
Moderate
Unreviewed
CVE-2019-4219
was published
May 24, 2022
IBM InfoSphere Information Server 11.5 and 11.7 is affected by an information disclosure...
Moderate
Unreviewed
CVE-2019-4257
was published
May 24, 2022
** DISPUTED ** A full path disclosure vulnerability was discovered in Matomo v3.9.1 where a user...
Moderate
Unreviewed
CVE-2019-12215
was published
May 24, 2022
PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x...
Moderate
Unreviewed
CVE-2014-8161
was published
May 17, 2022
Weblate user account enumeration via reset password form
Moderate
CVE-2017-5537
was published
for
weblate
(pip)
May 17, 2022
389-ds-base version before 1.3.5.19 and 1.3.6.7 are vulnerable to password brute-force attacks...
Critical
Unreviewed
CVE-2017-7551
was published
May 14, 2022
Apache Ambari, version 2.5.0 to 2.6.2, passwords for Hadoop credential stores are exposed in...
High
Unreviewed
CVE-2018-8042
was published
May 13, 2022
In SAP HANA Extended Application Services, 1.0, an unauthenticated user could test if a given...
Moderate
Unreviewed
CVE-2018-2379
was published
May 13, 2022
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism...
High
Unreviewed
CVE-2018-17961
was published
May 13, 2022
Matera Banco 1.0.0 mishandles Java errors in the backend, as demonstrated by a stack trace...
Critical
Unreviewed
CVE-2018-14925
was published
May 13, 2022
An issue was discovered in Joomla! Core before 3.8.8. The web install application would autofill...
Critical
Unreviewed
CVE-2018-11325
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API