GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,018
Composer 4,300
Erlang 31
GitHub Actions 21
Go 2,069
Maven 5,241
npm 3,744
NuGet 668
pip 3,429
Pub 12
RubyGems 892
Rust 880
Swift 36

Unreviewed advisories

All unreviewed 240,529

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

321 advisories

Filter by severity

Sort by

Least recently updated

Apache Ambari, version 2.5.0 to 2.6.2, passwords for Hadoop credential stores are exposed in... High Unreviewed

CVE-2018-8042 was published May 13, 2022

Dell Wyse Management Suite 3.6.1 and below contains Information Disclosure in Devices error pages... High Unreviewed

CVE-2022-33930 was published Aug 11, 2022

IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive... High Unreviewed

CVE-2022-35715 was published Aug 11, 2022

IBM Spectrum Protect Operations Center 7.1 and 8.1 could allow a remote attacker to obtain... Moderate Unreviewed

CVE-2019-4129 was published May 24, 2022

Generation of Error Message Containing Sensitive Information vulnerability in Hitachi JP1... Low Unreviewed

CVE-2022-34881 was published Dec 6, 2022

Sensitive information could be displayed when a detailed technical error message is posted. This... Moderate Unreviewed

CVE-2022-38107 was published Oct 20, 2022

livehelperchat is vulnerable to Generation of Error Message Containing Sensitive Information Moderate Unreviewed

CVE-2021-4177 was published Dec 29, 2021

User enumeration in livehelperchat Moderate

CVE-2022-0083 was published for remdex/livehelperchat (Composer) Jan 21, 2022

showdoc is vulnerable to Generation of Error Message Containing Sensitive Information Moderate

CVE-2022-0079 was published for showdoc/showdoc (Composer) Jan 6, 2022

IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 could allow a remote attacker to obtain... Moderate Unreviewed

CVE-2021-38894 was published Jan 11, 2022

A Generation of Error Message Containing Sensitive Information vulnerability in the CLI of... High Unreviewed

CVE-2022-22162 was published Jan 20, 2022

Generation of Error Message Containing Sensitive Information in microweber Moderate

CVE-2022-0504 was published for microweber/microweber (Composer) Feb 9, 2022

Generation of Error Message Containing Sensitive Information in Snipe-IT Moderate

CVE-2022-0622 was published for snipe/snipe-it (Composer) Feb 18, 2022

Generation of Error Message Containing Sensitive Information in microweber High

CVE-2022-0660 was published for microweber/microweber (Composer) Feb 19, 2022

An information disclosure in web interface in D-Link DIR-X1860 before 1.03 RevA1 allows a remote... Moderate Unreviewed

CVE-2021-46353 was published Mar 5, 2022

IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 generates an error message that... Moderate Unreviewed

CVE-2019-4219 was published May 24, 2022

IBM InfoSphere Information Server 11.5 and 11.7 is affected by an information disclosure... Moderate Unreviewed

CVE-2019-4257 was published May 24, 2022

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin Console could allow a remote... High Unreviewed

CVE-2019-4269 was published May 24, 2022

389-ds-base version before 1.3.5.19 and 1.3.6.7 are vulnerable to password brute-force attacks... Critical Unreviewed

CVE-2017-7551 was published May 14, 2022

Wyse Management Suite Repository 3.8 and below contain an information disclosure vulnerability. A... Moderate Unreviewed

CVE-2022-46675 was published Feb 11, 2023

SonicWall Email Security contains a vulnerability that could permit a remote unauthenticated... Moderate Unreviewed

CVE-2023-0655 was published Feb 14, 2023

Saleor Unauthenticated Information Disclosure Vulnerability via Python Exceptions Low

CVE-2023-26052 was published for saleor (pip) Mar 2, 2023

Saleor has Staff-Authenticated Error Message Information Disclosure Vulnerability via Python Exceptions Moderate

CVE-2023-26051 was published for Saleor (pip) Mar 3, 2023

Apache Airflow AWS Provider Generates Error Message Containing Sensitive Information High

CVE-2023-25956 was published for apache-airflow-providers-amazon (pip) Feb 24, 2023

katello SQL Injection vulnerability Moderate

CVE-2018-14623 was published for katello (RubyGems) May 13, 2022

Previous 1 2 3 4 5 6 7 8 … 12 13 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

321 advisories