Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

155 advisories

Loading
IBM Security Guardium Insights 2.0.2 could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2020-4600 was published May 24, 2022
IBM Security Guardium Insights 2.0.2 could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2020-4599 was published May 24, 2022
IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a... Moderate Unreviewed
CVE-2020-4487 was published May 24, 2022
IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a... Moderate Unreviewed
CVE-2020-4544 was published May 24, 2022
IBM Emptoris Contract Management and IBM Emptoris Spend Analysis 10.1.0, 10.1.1, and 10.1.3 could... Moderate Unreviewed
CVE-2020-4897 was published May 24, 2022
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0 through 6.0.3.2,... Moderate Unreviewed
CVE-2020-4761 was published May 24, 2022
IBM Security Secret Server 10.6 could allow a remote attacker to obtain sensitive information... Moderate Unreviewed
CVE-2020-4842 was published May 24, 2022
HCL Domino v9, v10, v11 is susceptible to an Information Disclosure vulnerability in XPages due... Moderate Unreviewed
CVE-2020-14270 was published May 24, 2022
IBM Security Key Lifecycle Manager 3.0.1 and 4.0 could allow a remote attacker to obtain... Moderate Unreviewed
CVE-2020-4846 was published May 24, 2022
IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 could allow a... Moderate Unreviewed
CVE-2020-4907 was published May 24, 2022
IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 could allow a remote attacker... Moderate Unreviewed
CVE-2020-4483 was published May 24, 2022
IBM Security Directory Server 6.4.0 generates an error message that includes sensitive... Moderate Unreviewed
CVE-2019-4547 was published May 24, 2022
A vulnerability has been identified in Desigo Insight (All versions). Some error messages in the... Moderate Unreviewed
CVE-2020-15794 was published May 24, 2022
Inappropriate implementation in accessibility in Google Chrome prior to 74.0.3729.108 allowed a... Moderate Unreviewed
CVE-2020-6503 was published May 24, 2022
IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to obtain sensitive information... Moderate Unreviewed
CVE-2019-4729 was published May 24, 2022
Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed an... Moderate Unreviewed
CVE-2020-6438 was published May 24, 2022
An issue was discovered in SmartClient 12.0. If an unauthenticated attacker makes a POST request... Moderate Unreviewed
CVE-2020-9351 was published May 24, 2022
A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2 and 3.5.x before 3.5.4, when ... Moderate Unreviewed
CVE-2019-19342 was published May 24, 2022
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and Liberty could allow a remote attacker to... Moderate Unreviewed
CVE-2019-4441 was published May 24, 2022
Server metadata could be exposed because one of the error messages reflected the whole response... Moderate Unreviewed
CVE-2019-12156 was published May 24, 2022
RSA BSAFE Micro Edition Suite versions prior to 4.1.6.3 (in 4.1.x) and prior to 4.4 (in 4.2.x and... Moderate Unreviewed
CVE-2019-3730 was published May 24, 2022
Leakage of stack traces in remote access to backup & restore in earlier versions than ProSyst mBS... Moderate Unreviewed
CVE-2019-11602 was published May 24, 2022
IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 10.1.0 through 10.1.3, and... Moderate Unreviewed
CVE-2019-4484 was published May 24, 2022
IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 10.1.0 through 10.1.3, and... Moderate Unreviewed
CVE-2019-4485 was published May 24, 2022
IBM Intelligent Operations Center V5.1.0 through V5.2.0 could disclose detailed error messages,... Moderate Unreviewed
CVE-2019-4420 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API