GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
240 advisories
There is an information disclosure vulnerability in TE Mobile software versions V600R006C10...
Moderate
Unreviewed
CVE-2020-9202
was published
May 24, 2022
The iOS and macOS apps before 1.4.1 for the Western Digital G-Technology ArmorLock NVMe SSD store...
Moderate
Unreviewed
CVE-2021-28653
was published
May 24, 2022
An issue was discovered on FiberHome HG6245D devices through RP2613. By default, there are no...
Critical
Unreviewed
CVE-2021-27170
was published
May 24, 2022
The IBM Application Performance Monitoring UI (IBM Cloud APM 8.1.4) allows web pages to be stored...
Low
Unreviewed
CVE-2020-4726
was published
May 24, 2022
Slurm before 19.05.8 and 20.x before 20.02.6 exposes Sensitive Information to an Unauthorized...
Moderate
Unreviewed
CVE-2020-27746
was published
May 24, 2022
A misconfiguration in the debug interface in Mercedes-Benz HERMES 1 allows an attacker with...
Low
Unreviewed
CVE-2019-19557
was published
May 24, 2022
An authentication bypass in the debug interface in Mercedes-Benz HERMES 1.5 allows an attacker...
Moderate
Unreviewed
CVE-2019-19560
was published
May 24, 2022
IBM Workload Automation 9.5 stores sensitive information in HTML comments that could aid in...
Moderate
Unreviewed
CVE-2020-4673
was published
May 24, 2022
IBM Workload Automation 9.5 stores the server path in URLs that could aid in further attacks...
Moderate
Unreviewed
CVE-2020-4674
was published
May 24, 2022
In JetBrains TeamCity before 2020.2, an ECR token could be exposed in a build's parameters.
High
Unreviewed
CVE-2021-25776
was published
May 24, 2022
An issue was discovered in tangro Business Workflow before 1.18.1. No (or broken) access control...
Moderate
Unreviewed
CVE-2020-26176
was published
May 24, 2022
IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 allows web pages to...
Low
Unreviewed
CVE-2020-4906
was published
May 24, 2022
An authentication bypass in the debug interface in Mercedes-Benz HERMES 2.1 allows an attacker...
Moderate
Unreviewed
CVE-2019-19562
was published
May 24, 2022
IBM InfoSphere Information Server 11.7 stores sensitive information in the browser's history that...
Low
Unreviewed
CVE-2020-4886
was published
May 24, 2022
NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contains a...
Moderate
Unreviewed
CVE-2020-11484
was published
May 24, 2022
An information disclosure issue existed in the handling of the Storage Access API. This issue was...
Moderate
Unreviewed
CVE-2019-8898
was published
May 24, 2022
A misconfiguration in the debug interface in Mercedes-Benz HERMES 1.5 allows an attacker with...
Low
Unreviewed
CVE-2019-19561
was published
May 24, 2022
IBM Security Guardium Insights 2.0.1 stores sensitive information in URL parameters. This may...
Moderate
Unreviewed
CVE-2020-4172
was published
May 24, 2022
This issue was resolved by replacing device names with a random identifier. This issue is fixed...
Low
Unreviewed
CVE-2019-8799
was published
May 24, 2022
This issue was addressed by updating incorrect URLSession file descriptors management logic to...
Moderate
Unreviewed
CVE-2019-8790
was published
May 24, 2022
In constructImportFailureNotification of NotificationImportExportListener.java, there is a...
Low
Unreviewed
CVE-2020-0422
was published
May 24, 2022
An issue was discovered in Gradle Enterprise 2017.1 - 2020.2.4. Unrestricted access to a high...
High
Unreviewed
CVE-2020-15775
was published
May 24, 2022
IBM Sterling Partner Engagement Manager 2.0 allows encrypted storage of client data to be stored...
Low
Unreviewed
CVE-2022-34354
was published
Nov 16, 2022
SUSE Manager until version 4.0.7 and Uyuni until commit 1b426ad5ed0a7191a6fb46bb83e98ae4b99a5ade...
Moderate
Unreviewed
CVE-2019-3684
was published
May 24, 2022
Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote...
Moderate
Unreviewed
CVE-2019-13719
was published
May 24, 2022