Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

211 advisories

Loading
Incorrect Access Control in Nagios Fusion 4.1.8 and earlier allows low-privileged authenticated... Moderate Unreviewed
CVE-2020-28911 was published May 24, 2022
IBM Cloud Pak for Multicloud Management prior to 2.3 allows web pages to be stored locally which... Low Unreviewed
CVE-2020-4765 was published May 24, 2022
IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 allows web pages to be stored locally... Low Unreviewed
CVE-2021-20391 was published May 24, 2022
The iOS and macOS apps before 1.4.1 for the Western Digital G-Technology ArmorLock NVMe SSD store... Moderate Unreviewed
CVE-2021-28653 was published May 24, 2022
The IBM Application Performance Monitoring UI (IBM Cloud APM 8.1.4) allows web pages to be stored... Low Unreviewed
CVE-2020-4726 was published May 24, 2022
An issue was discovered on FiberHome HG6245D devices through RP2613. By default, there are no... Critical Unreviewed
CVE-2021-27170 was published May 24, 2022
In SolarWinds Serv-U before 15.2.2 Hotfix 1, there is a directory containing user profile files ... High Unreviewed
CVE-2021-25276 was published May 24, 2022
In JetBrains TeamCity before 2020.2, an ECR token could be exposed in a build's parameters. High Unreviewed
CVE-2021-25776 was published May 24, 2022
In manage_proj_edit_page.php in MantisBT before 2.24.4, any unprivileged logged-in user can... Moderate Unreviewed
CVE-2020-29603 was published May 24, 2022
IBM Workload Automation 9.5 stores the server path in URLs that could aid in further attacks... Moderate Unreviewed
CVE-2020-4674 was published May 24, 2022
IBM Workload Automation 9.5 stores sensitive information in HTML comments that could aid in... Moderate Unreviewed
CVE-2020-4673 was published May 24, 2022
There is an information disclosure vulnerability in TE Mobile software versions V600R006C10... Moderate Unreviewed
CVE-2020-9202 was published May 24, 2022
An issue was discovered in tangro Business Workflow before 1.18.1. No (or broken) access control... Moderate Unreviewed
CVE-2020-26176 was published May 24, 2022
IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 allows web pages to... Low Unreviewed
CVE-2020-4906 was published May 24, 2022
Slurm before 19.05.8 and 20.x before 20.02.6 exposes Sensitive Information to an Unauthorized... Moderate Unreviewed
CVE-2020-27746 was published May 24, 2022
A misconfiguration in the debug interface in Mercedes-Benz HERMES 1.5 allows an attacker with... Low Unreviewed
CVE-2019-19561 was published May 24, 2022
An authentication bypass in the debug interface in Mercedes-Benz HERMES 2.1 allows an attacker... Moderate Unreviewed
CVE-2019-19562 was published May 24, 2022
A misconfiguration in the debug interface in Mercedes-Benz HERMES 1 allows an attacker with... Low Unreviewed
CVE-2019-19557 was published May 24, 2022
An authentication bypass in the debug interface in Mercedes-Benz HERMES 1.5 allows an attacker... Moderate Unreviewed
CVE-2019-19560 was published May 24, 2022
IBM InfoSphere Information Server 11.7 stores sensitive information in the browser's history that... Low Unreviewed
CVE-2020-4886 was published May 24, 2022
Sectona Spectra before 3.4.0 has a vulnerable SOAP API endpoint that leaks sensitive information... High Unreviewed
CVE-2020-25966 was published May 24, 2022
NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contains a... Moderate Unreviewed
CVE-2020-11484 was published May 24, 2022
An information disclosure issue existed in the handling of the Storage Access API. This issue was... Moderate Unreviewed
CVE-2019-8898 was published May 24, 2022
This issue was resolved by replacing device names with a random identifier. This issue is fixed... Low Unreviewed
CVE-2019-8799 was published May 24, 2022
This issue was addresses by updating incorrect URLSession file descriptors management logic to... Moderate Unreviewed
CVE-2019-8790 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database