Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

303 advisories

Loading
IBM Security Guardium Insights 2.0.2 could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2020-4599 was published May 24, 2022
IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a... Moderate Unreviewed
CVE-2020-4544 was published May 24, 2022
IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a... Moderate Unreviewed
CVE-2020-4487 was published May 24, 2022
IBM Emptoris Contract Management and IBM Emptoris Spend Analysis 10.1.0, 10.1.1, and 10.1.3 could... Moderate Unreviewed
CVE-2020-4897 was published May 24, 2022
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0 through 6.0.3.2,... Moderate Unreviewed
CVE-2020-4761 was published May 24, 2022
If exploited, this vulnerability could allow attackers to gain sensitive information via... Low Unreviewed
CVE-2020-2505 was published May 24, 2022
IBM Security Secret Server 10.6 could allow a remote attacker to obtain sensitive information... Moderate Unreviewed
CVE-2020-4842 was published May 24, 2022
HCL Domino v9, v10, v11 is susceptible to an Information Disclosure vulnerability in XPages due... Moderate Unreviewed
CVE-2020-14270 was published May 24, 2022
IBM Security Key Lifecycle Manager 3.0.1 and 4.0 could allow a remote attacker to obtain... Moderate Unreviewed
CVE-2020-4846 was published May 24, 2022
IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 could allow a... Moderate Unreviewed
CVE-2020-4907 was published May 24, 2022
The aptdaemon DBus interface disclosed file existence disclosure by setting Terminal... Low Unreviewed
CVE-2020-16128 was published May 24, 2022
PackageKit provided detailed error messages to unprivileged callers that exposed information... Low Unreviewed
CVE-2020-16121 was published May 24, 2022
IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 could allow a remote attacker... Moderate Unreviewed
CVE-2020-4483 was published May 24, 2022
IBM i2 iBase 8.9.13 could allow a remote attacker to obtain sensitive information when a detailed... High Unreviewed
CVE-2020-4584 was published May 24, 2022
IBM Security Directory Server 6.4.0 generates an error message that includes sensitive... Moderate Unreviewed
CVE-2019-4547 was published May 24, 2022
A vulnerability has been identified in Desigo Insight (All versions). Some error messages in the... Moderate Unreviewed
CVE-2020-15794 was published May 24, 2022
Shopware database password is leaked to an unauthenticated users High
CVE-2020-13997 was published for shopware/core (Composer) May 24, 2022
mitelg
Inappropriate implementation in accessibility in Google Chrome prior to 74.0.3729.108 allowed a... Moderate Unreviewed
CVE-2020-6503 was published May 24, 2022
IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to obtain sensitive information... Moderate Unreviewed
CVE-2019-4729 was published May 24, 2022
Diavante vue-storefront-api and storefront-api disclose stack trace Moderate
CVE-2020-11883 was published for storefront-api (npm) May 24, 2022
Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed an... Moderate Unreviewed
CVE-2020-6438 was published May 24, 2022
An issue was discovered in SmartClient 12.0. If an unauthenticated attacker makes a POST request... Moderate Unreviewed
CVE-2020-9351 was published May 24, 2022
A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2 and 3.5.x before 3.5.4, when ... Moderate Unreviewed
CVE-2019-19342 was published May 24, 2022
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and Liberty could allow a remote attacker to... Moderate Unreviewed
CVE-2019-4441 was published May 24, 2022
Server metadata could be exposed because one of the error messages reflected the whole response... Moderate Unreviewed
CVE-2019-12156 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database