GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
208 advisories
Filter by severity
A vulnerability has been identified in Mendix Database Replication (All versions < V7.0.1)....
Moderate
Unreviewed
CVE-2021-31341
was published
May 24, 2022
A vulnerability has been identified in Mendix Excel Importer Module (All versions < V9.0.3)....
Moderate
Unreviewed
CVE-2021-31339
was published
May 24, 2022
An Information Disclosure vulnerability exists in dhcms 2017-09-18 when entering invalid...
Moderate
Unreviewed
CVE-2020-19275
was published
May 24, 2022
IBM OpenPages GRC Platform 8.1 could allow a remote attacker to obtain sensitive information when...
Moderate
Unreviewed
CVE-2020-4536
was published
May 24, 2022
An issue has been discovered in GitLab affecting all versions starting with 7.1. A member of a...
Low
Unreviewed
CVE-2021-22193
was published
May 24, 2022
When trying to load a cross-origin resource in an audio/video context a decoding error may have...
Moderate
Unreviewed
CVE-2021-23973
was published
May 24, 2022
If Content Security Policy blocked frame navigation, the full destination of a redirect served in...
Moderate
Unreviewed
CVE-2021-23968
was published
May 24, 2022
Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are...
Low
Unreviewed
CVE-2019-18947
was published
May 24, 2022
IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a remote attacker to obtain...
Moderate
Unreviewed
CVE-2021-20402
was published
May 24, 2022
IBM Cloud Pak for Security (CP4S) 1.3.0.1 and 1.4.0.0 could allow a remote attacker to obtain...
Moderate
Unreviewed
CVE-2020-4628
was published
May 24, 2022
IBM Security Guardium Insights 2.0.2 could allow a remote attacker to obtain sensitive...
Moderate
Unreviewed
CVE-2020-4600
was published
May 24, 2022
IBM Security Guardium Insights 2.0.2 could allow a remote attacker to obtain sensitive...
Moderate
Unreviewed
CVE-2020-4599
was published
May 24, 2022
IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a...
Moderate
Unreviewed
CVE-2020-4487
was published
May 24, 2022
IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a...
Moderate
Unreviewed
CVE-2020-4544
was published
May 24, 2022
IBM Emptoris Contract Management and IBM Emptoris Spend Analysis 10.1.0, 10.1.1, and 10.1.3 could...
Moderate
Unreviewed
CVE-2020-4897
was published
May 24, 2022
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0 through 6.0.3.2,...
Moderate
Unreviewed
CVE-2020-4761
was published
May 24, 2022
If exploited, this vulnerability could allow attackers to gain sensitive information via...
Low
Unreviewed
CVE-2020-2505
was published
May 24, 2022
IBM Security Secret Server 10.6 could allow a remote attacker to obtain sensitive information...
Moderate
Unreviewed
CVE-2020-4842
was published
May 24, 2022
HCL Domino v9, v10, v11 is susceptible to an Information Disclosure vulnerability in XPages due...
Moderate
Unreviewed
CVE-2020-14270
was published
May 24, 2022
IBM Security Key Lifecycle Manager 3.0.1 and 4.0 could allow a remote attacker to obtain...
Moderate
Unreviewed
CVE-2020-4846
was published
May 24, 2022
IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 could allow a...
Moderate
Unreviewed
CVE-2020-4907
was published
May 24, 2022
The aptdaemon DBus interface disclosed file existence disclosure by setting Terminal...
Low
Unreviewed
CVE-2020-16128
was published
May 24, 2022
PackageKit provided detailed error messages to unprivileged callers that exposed information...
Low
Unreviewed
CVE-2020-16121
was published
May 24, 2022
IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 could allow a remote attacker...
Moderate
Unreviewed
CVE-2020-4483
was published
May 24, 2022
IBM i2 iBase 8.9.13 could allow a remote attacker to obtain sensitive information when a detailed...
High
Unreviewed
CVE-2020-4584
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API