GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
155 advisories
Filter by severity
The response messages received from the eSOMS report generation using certain parameter queries...
Moderate
Unreviewed
CVE-2023-5514
was published
Nov 1, 2023
IBM Security Verify Privilege On-Premises 11.5 could allow a remote attacker to obtain sensitive...
Moderate
Unreviewed
CVE-2022-43891
was published
Oct 17, 2023
The Defender Security WordPress plugin before 4.1.0 does not prevent redirects to the login page...
Moderate
Unreviewed
CVE-2023-5089
was published
Oct 16, 2023
The Vrm 360 3D Model Viewer WordPress plugin through 1.2.1 exposes the full path of a file when...
Moderate
Unreviewed
CVE-2023-5177
was published
Oct 16, 2023
SAP Business One (B1i) - version 10.0, allows an authorized attacker to retrieve the details...
Moderate
Unreviewed
CVE-2023-41365
was published
Oct 10, 2023
A flaw was found in Red Hat's AMQ-Streams, which ships a version of the OKHttp component with an...
Moderate
Unreviewed
CVE-2023-0833
was published
Sep 27, 2023
A vulnerability has been identified in QMS Automotive (All versions < V12.39). The affected...
Moderate
Unreviewed
CVE-2023-40725
was published
Sep 14, 2023
Due to the lack of validation, SAP BusinessObjects Business Intelligence Platform (Version...
Moderate
Unreviewed
CVE-2023-37489
was published
Sep 14, 2023
An information disclosure vulnerability exists in the OAS Engine configuration management...
Moderate
Unreviewed
CVE-2023-35124
was published
Sep 5, 2023
IBM Security Verify Information Queue 10.0.4 and 10.0.5 could allow a remote attacker to obtain...
Moderate
Unreviewed
CVE-2023-33834
was published
Aug 31, 2023
IBM Security Guardium Data Encryption (IBM Guardium Cloud Key Manager (GCKM) 1.10.3)) could allow...
Moderate
Unreviewed
CVE-2023-26272
was published
Aug 28, 2023
e-Excellence U-Office Force generates an error message in webiste service. An unauthenticated...
Moderate
Unreviewed
CVE-2023-32755
was published
Aug 25, 2023
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 could allow a remote attacker to obtain system...
Moderate
Unreviewed
CVE-2023-35009
was published
Aug 17, 2023
Brocade Fabric OS before Brocade Fabric OS v9.1.1c, v9.2.0 contains a vulnerability when using...
Moderate
Unreviewed
CVE-2023-31429
was published
Aug 1, 2023
IBM TRIRIGA 3.0, 4.0, and 4.4 could allow a remote attacker to obtain sensitive information when...
Moderate
Unreviewed
CVE-2020-4868
was published
Jul 31, 2023
IBM MQ 8.0, 9.0, and 9.1 could allow a local user to obtain sensitive credential information when...
Moderate
Unreviewed
CVE-2023-28514
was published
May 19, 2023
In affected versions of Octopus Deploy it is possible to discover network details via error message
Moderate
Unreviewed
CVE-2022-4870
was published
May 18, 2023
IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 could disclose sensitive information in an error...
Moderate
Unreviewed
CVE-2023-27860
was published
Apr 27, 2023
Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.0 and 9.3.0.2,...
Moderate
Unreviewed
CVE-2022-4769
was published
Apr 3, 2023
Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.0 and 9.3.0.2,...
Moderate
Unreviewed
CVE-2022-4770
was published
Apr 3, 2023
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 could allow an...
Moderate
Unreviewed
CVE-2023-25687
was published
Mar 21, 2023
SonicWall Email Security contains a vulnerability that could permit a remote unauthenticated...
Moderate
Unreviewed
CVE-2023-0655
was published
Feb 14, 2023
Wyse Management Suite Repository 3.8 and below contain an information disclosure vulnerability. A...
Moderate
Unreviewed
CVE-2022-46675
was published
Feb 11, 2023
Alotcer - AR7088H-A firmware version 16.10.3 Information disclosure. Unspecified error message...
Moderate
Unreviewed
CVE-2022-46371
was published
Jan 12, 2023
IBM Security Verify Governance, Identity Manager 10.01 could allow a remote attacker to obtain...
Moderate
Unreviewed
CVE-2022-22449
was published
Dec 24, 2022
ProTip!
Advisories are also available from the
GraphQL API