GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,634
NuGet
638
pip
3,250
Pub
10
RubyGems
867
Rust
819
Swift
35
Unreviewed advisories
All unreviewed
5,000+
196 advisories
Filter by severity
An information disclosure vulnerability was discovered in glusterfs server. An attacker could...
Moderate
Unreviewed
CVE-2018-10913
was published
Apr 30, 2022
Trend Micro Antivirus for Mac 2020 (Consumer) contains an Error Message Information Disclosure...
Moderate
Unreviewed
CVE-2020-27015
was published
May 24, 2022
htsearch program in htDig 3.2 beta, 3.1.6, 3.1.5, and earlier allows remote attackers to...
Moderate
Unreviewed
CVE-2000-1191
was published
Apr 30, 2022
IBM Security Verify Governance, Identity Manager 10.01 could allow a remote attacker to obtain...
Moderate
Unreviewed
CVE-2022-22449
was published
Dec 24, 2022
When importing resources using Web Workers, error messages would distinguish the difference...
Moderate
Unreviewed
CVE-2022-22760
was published
Dec 22, 2022
IBM Sterling B2B Integrator 6.0.0.0 and 6.0.0.1 reveals sensitive information from a stack trace...
Moderate
Unreviewed
CVE-2019-4377
was published
May 24, 2022
Alotcer - AR7088H-A firmware version 16.10.3 Information disclosure. Unspecified error message...
Moderate
Unreviewed
CVE-2022-46371
was published
Jan 12, 2023
IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 10.1.0 through 10.1.3, and...
Moderate
Unreviewed
CVE-2019-4308
was published
May 24, 2022
IBM Intelligent Operations Center V5.1.0 through V5.2.0 could disclose detailed error messages,...
Moderate
Unreviewed
CVE-2019-4420
was published
May 24, 2022
A server-generated error message containing sensitive information in Fortinet FortiOS 7.0.0...
Moderate
Unreviewed
CVE-2021-43206
was published
May 5, 2022
When handling a mismatched pre-authentication cookie, the application leaks the internal error...
Moderate
Unreviewed
CVE-2022-26070
was published
May 7, 2022
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and Liberty could allow a remote attacker to...
Moderate
Unreviewed
CVE-2019-4441
was published
May 24, 2022
Microsoft .NET Framework 1.1 SP1, 2.0 SP1 and SP2, 3.5, 3.5 SP1, 3.5.1, and 4.0, as used for ASP...
Moderate
Unreviewed
CVE-2010-3332
was published
May 13, 2022
The application allowed for Unauthenticated User Enumeration by interacting with an unsecured...
Moderate
Unreviewed
CVE-2022-40292
was published
Nov 1, 2022
Exposure of class information in RESTEasy
Moderate
CVE-2021-20289
was published
for
org.jboss.resteasy:resteasy-core
(Maven)
Apr 7, 2021
The Web server in 3CX version 15.5.8801.3 is vulnerable to Information Leakage, because of...
Moderate
Unreviewed
CVE-2018-14907
was published
May 13, 2022
Generation of Error Message Containing Sensitive Information in postgresql
Moderate
Unreviewed
CVE-2021-3393
was published
Feb 15, 2022
IBM Tivoli Key Lifecycle Manager (IBM Security Guardium Key Lifecycle Manager) 3.0, 3.0.1, 4.0,...
Moderate
Unreviewed
CVE-2021-38980
was published
Nov 24, 2021
In JForum 2.1.8, an unauthenticated, remote attacker can enumerate whether a user exists by using...
Moderate
Unreviewed
CVE-2019-7550
was published
May 13, 2022
IBM Jazz Reporting Service (JRS) 5.0 and 6.0 could disclose sensitive information, including user...
Moderate
Unreviewed
CVE-2017-1370
was published
May 13, 2022
In SAP HANA Extended Application Services, 1.0, an unauthenticated user could test if a given...
Moderate
Unreviewed
CVE-2018-2379
was published
May 13, 2022
IBM Spectrum Protect Operations Center 7.1 and 8.1 could allow a remote attacker to obtain...
Moderate
Unreviewed
CVE-2019-4129
was published
May 24, 2022
Sensitive information could be displayed when a detailed technical error message is posted. This...
Moderate
Unreviewed
CVE-2022-38107
was published
Oct 20, 2022
livehelperchat is vulnerable to Generation of Error Message Containing Sensitive Information
Moderate
Unreviewed
CVE-2021-4177
was published
Dec 29, 2021
User enumeration in livehelperchat
Moderate
CVE-2022-0083
was published
for
remdex/livehelperchat
(Composer)
Jan 21, 2022
ProTip!
Advisories are also available from the
GraphQL API