Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,822
Erlang
36
GitHub Actions
32
Go
2,413
Maven
5,000+
npm
4,052
NuGet
723
pip
3,844
Pub
12
RubyGems
933
Rust
1,005
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

299 advisories

Loading
IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 10.1.0 through 10.1.3, and... Moderate Unreviewed
CVE-2019-4484 was published May 24, 2022
IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 10.1.0 through 10.1.3, and... Moderate Unreviewed
CVE-2019-4485 was published May 24, 2022
IBM Intelligent Operations Center V5.1.0 through V5.2.0 could disclose detailed error messages,... Moderate Unreviewed
CVE-2019-4420 was published May 24, 2022
IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 10.1.0 through 10.1.3, and... Moderate Unreviewed
CVE-2019-4308 was published May 24, 2022
IBM Spectrum Protect Operations Center 7.1 and 8.1 could allow a remote attacker to obtain... Moderate Unreviewed
CVE-2019-4129 was published May 24, 2022
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin Console could allow a remote... High Unreviewed
CVE-2019-4269 was published May 24, 2022
Pydio Cells before 1.5.0, when supplied with a Name field in an unexpected Unicode format, fails... Moderate Unreviewed
CVE-2019-12903 was published May 24, 2022
IBM InfoSphere Information Server 11.5 and 11.7 is affected by an information disclosure... Moderate Unreviewed
CVE-2019-4257 was published May 24, 2022
IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 generates an error message that... Moderate Unreviewed
CVE-2019-4219 was published May 24, 2022
** DISPUTED ** A full path disclosure vulnerability was discovered in Matomo v3.9.1 where a user... Moderate Unreviewed
CVE-2019-12215 was published May 24, 2022
PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x... Moderate Unreviewed
CVE-2014-8161 was published May 17, 2022
389-ds-base version before 1.3.5.19 and 1.3.6.7 are vulnerable to password brute-force attacks... Critical Unreviewed
CVE-2017-7551 was published May 14, 2022
The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earlier allows remote attackers... Moderate Unreviewed
CVE-2013-7331 was published May 14, 2022
Apache Ambari, version 2.5.0 to 2.6.2, passwords for Hadoop credential stores are exposed in... High Unreviewed
CVE-2018-8042 was published May 13, 2022
In SAP HANA Extended Application Services, 1.0, an unauthenticated user could test if a given... Moderate Unreviewed
CVE-2018-2379 was published May 13, 2022
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism... High Unreviewed
CVE-2018-17961 was published May 13, 2022
Matera Banco 1.0.0 mishandles Java errors in the backend, as demonstrated by a stack trace... Critical Unreviewed
CVE-2018-14925 was published May 13, 2022
An issue was discovered in Joomla! Core before 3.8.8. The web install application would autofill... Critical Unreviewed
CVE-2018-11325 was published May 13, 2022
IBM Jazz Reporting Service (JRS) 5.0 and 6.0 could disclose sensitive information, including user... Moderate Unreviewed
CVE-2017-1370 was published May 13, 2022
Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are vulnerable to a log pollution... Moderate Unreviewed
CVE-2016-9459 was published May 13, 2022
Nextcloud Server before 9.0.55 and 10.0.2 suffers from a error message disclosing existence of... Moderate Unreviewed
CVE-2017-0885 was published May 13, 2022
In Johnson Controls Metasys System Versions 8.0 and prior and BCPro (BCM) all versions prior to 3... Moderate Unreviewed
CVE-2018-10624 was published May 13, 2022
The GlobalProtect external interface in Palo Alto Networks PAN-OS before 6.1.17, 7.x before 7.0... Critical Unreviewed
CVE-2017-7945 was published May 13, 2022
In JForum 2.1.8, an unauthenticated, remote attacker can enumerate whether a user exists by using... Moderate Unreviewed
CVE-2019-7550 was published May 13, 2022
The Web server in 3CX version 15.5.8801.3 is vulnerable to Information Leakage, because of... Moderate Unreviewed
CVE-2018-14907 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database