GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,835
Composer 4,870
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,926
npm 4,126
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,021
Swift 39

Unreviewed advisories

All unreviewed 269,179

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

406 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

IBM Guardium Data Encryption (GDE) 4.0.0 and 5.0.0 could allow a remote attacker to obtain... High Unreviewed

CVE-2021-39023 was published May 7, 2022

An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before... High Unreviewed

CVE-2019-9223 was published May 13, 2022

Microsoft .NET Framework 1.1 SP1, 2.0 SP1 and SP2, 3.5, 3.5 SP1, 3.5.1, and 4.0, as used for ASP... Moderate Unreviewed

CVE-2010-3332 was published May 13, 2022

The Web server in 3CX version 15.5.8801.3 is vulnerable to Information Leakage, because of... Moderate Unreviewed

CVE-2018-14907 was published May 13, 2022

In JForum 2.1.8, an unauthenticated, remote attacker can enumerate whether a user exists by using... Moderate Unreviewed

CVE-2019-7550 was published May 13, 2022

The GlobalProtect external interface in Palo Alto Networks PAN-OS before 6.1.17, 7.x before 7.0... Critical Unreviewed

CVE-2017-7945 was published May 13, 2022

katello SQL Injection vulnerability Moderate

CVE-2018-14623 was published for katello (RubyGems) May 13, 2022

In Johnson Controls Metasys System Versions 8.0 and prior and BCPro (BCM) all versions prior to 3... Moderate Unreviewed

CVE-2018-10624 was published May 13, 2022

Nextcloud Server before 9.0.55 and 10.0.2 suffers from a error message disclosing existence of... Moderate Unreviewed

CVE-2017-0885 was published May 13, 2022

Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are vulnerable to a log pollution... Moderate Unreviewed

CVE-2016-9459 was published May 13, 2022

IBM Jazz Reporting Service (JRS) 5.0 and 6.0 could disclose sensitive information, including user... Moderate Unreviewed

CVE-2017-1370 was published May 13, 2022

An issue was discovered in Joomla! Core before 3.8.8. The web install application would autofill... Critical Unreviewed

CVE-2018-11325 was published May 13, 2022

Matera Banco 1.0.0 mishandles Java errors in the backend, as demonstrated by a stack trace... Critical Unreviewed

CVE-2018-14925 was published May 13, 2022

Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism... High Unreviewed

CVE-2018-17961 was published May 13, 2022

In SAP HANA Extended Application Services, 1.0, an unauthenticated user could test if a given... Moderate Unreviewed

CVE-2018-2379 was published May 13, 2022

Apache Ambari, version 2.5.0 to 2.6.2, passwords for Hadoop credential stores are exposed in... High Unreviewed

CVE-2018-8042 was published May 13, 2022

The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earlier allows remote attackers... Moderate Unreviewed

CVE-2013-7331 was published May 14, 2022

389-ds-base version before 1.3.5.19 and 1.3.6.7 are vulnerable to password brute-force attacks... Critical Unreviewed

CVE-2017-7551 was published May 14, 2022

Weblate user account enumeration via reset password form Moderate

CVE-2017-5537 was published for weblate (pip) May 17, 2022

PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x... Moderate Unreviewed

CVE-2014-8161 was published May 17, 2022

** DISPUTED ** A full path disclosure vulnerability was discovered in Matomo v3.9.1 where a user... Moderate Unreviewed

CVE-2019-12215 was published May 24, 2022

IBM InfoSphere Information Server 11.5 and 11.7 is affected by an information disclosure... Moderate Unreviewed

CVE-2019-4257 was published May 24, 2022

IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 generates an error message that... Moderate Unreviewed

CVE-2019-4219 was published May 24, 2022

Pydio Cells before 1.5.0, when supplied with a Name field in an unexpected Unicode format, fails... Moderate Unreviewed

CVE-2019-12903 was published May 24, 2022

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin Console could allow a remote... High Unreviewed

CVE-2019-4269 was published May 24, 2022

Previous 1…3…17 Next

Previous 1 2 3 4 5 … 16 17 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

406 advisories