GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,343
Erlang: 31
GitHub Actions: 22
Go: 2,107
Maven: 5,000+
npm: 3,764
NuGet: 679
pip: 3,452
Pub: 12
RubyGems: 892
Rust: 886
Swift: 37

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
247 advisories
MISP 2.4.172 mishandles different certificate file extensions in server sync. An attacker can...
High | Unreviewed | CVE-2023-37306 was published Jun 30, 2023

In JetBrains Ktor before 2.3.1 headers containing authentication data could be added to the...
Low | Unreviewed | CVE-2023-34339 was published Jun 1, 2023

IBM MQ 8.0, 9.0, and 9.1 could allow a local user to obtain sensitive credential information when...
Moderate | Unreviewed | CVE-2023-28514 was published May 19, 2023

In affected versions of Octopus Deploy it is possible to discover network details via error message
Moderate | Unreviewed | CVE-2022-4870 was published May 18, 2023

In registerPhoneAccount of PhoneAccountRegistrar.java, uncaught exceptions in parsing persisted...
Moderate | Unreviewed | CVE-2023-21103 was published May 16, 2023

IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 could disclose sensitive information in an error...
Moderate | Unreviewed | CVE-2023-27860 was published Apr 27, 2023

Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.0 and 9.3.0.2,...
Moderate | Unreviewed | CVE-2022-4770 was published Apr 3, 2023

Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.0 and 9.3.0.2,...
Moderate | Unreviewed | CVE-2022-4769 was published Apr 3, 2023

IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 could allow an...
Moderate | Unreviewed | CVE-2023-25687 was published Mar 21, 2023

IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.2.0 through 3.2.7...
High | Unreviewed | CVE-2020-5026 was published Mar 2, 2023

SonicWall Email Security contains a vulnerability that could permit a remote unauthenticated...
Moderate | Unreviewed | CVE-2023-0655 was published Feb 14, 2023

Wyse Management Suite Repository 3.8 and below contain an information disclosure vulnerability. A...
Moderate | Unreviewed | CVE-2022-46675 was published Feb 11, 2023

Alotcer - AR7088H-A firmware version 16.10.3 Information disclosure. Unspecified error message...
Moderate | Unreviewed | CVE-2022-46371 was published Jan 12, 2023

IBM Security Verify Governance, Identity Manager 10.01 could allow a remote attacker to obtain...
Moderate | Unreviewed | CVE-2022-22449 was published Dec 24, 2022

When importing resources using Web Workers, error messages would distinguish the difference...
Moderate | Unreviewed | CVE-2022-22760 was published Dec 22, 2022

Generation of Error Message Containing Sensitive Information vulnerability in Hitachi JP1...
Low | Unreviewed | CVE-2022-34881 was published Dec 6, 2022

The application allowed for Unauthenticated User Enumeration by interacting with an unsecured...
Moderate | Unreviewed | CVE-2022-40292 was published Nov 1, 2022

Stimulsoft (aka Stimulsoft Reports) 2013.1.1600.0, when Compilation Mode is used, allows an...
Critical | Unreviewed | CVE-2021-42777 was published Oct 29, 2022

In affected versions of Octopus Server it is possible to reveal the existence of resources in a...
Moderate | Unreviewed | CVE-2022-2508 was published Oct 27, 2022

Sensitive information could be displayed when a detailed technical error message is posted. This...
Moderate | Unreviewed | CVE-2022-38107 was published Oct 20, 2022

In affected versions of Octopus Deploy it is possible to reveal the Space ID of spaces that the...
Moderate | Unreviewed | CVE-2022-2760 was published Sep 29, 2022

Information Exposure Through an Error Message vulnerability in Hitachi RAID Manager Storage...
Moderate | Unreviewed | CVE-2022-34882 was published Sep 7, 2022

IBM Sterling File Gateway 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6...
Moderate | Unreviewed | CVE-2021-39086 was published Aug 17, 2022

Dell Wyse Management Suite 3.6.1 and below contains Information Disclosure in Devices error pages...
High | Unreviewed | CVE-2022-33930 was published Aug 11, 2022

IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive...
High | Unreviewed | CVE-2022-35715 was published Aug 11, 2022
ProTip! Advisories are also available from the GraphQL API.