GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
222 advisories
Filter by severity
Server metadata could be exposed because one of the error messages reflected the whole response...
Moderate
Unreviewed
CVE-2019-12156
was published
May 24, 2022
RSA BSAFE Micro Edition Suite versions prior to 4.1.6.3 (in 4.1.x) and prior to 4.4 (in 4.2.x and...
Moderate
Unreviewed
CVE-2019-3730
was published
May 24, 2022
Hitachi Energy LinkOne product, has a vulnerability due to a web server misconfiguration, that...
Moderate
Unreviewed
CVE-2021-40338
was published
Jan 29, 2022
IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 10.1.0 through 10.1.3, and...
Moderate
Unreviewed
CVE-2019-4485
was published
May 24, 2022
IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 10.1.0 through 10.1.3, and...
Moderate
Unreviewed
CVE-2019-4484
was published
May 24, 2022
JSPUI's "Internal System Error" page prints exceptions and stack traces without sanitization
Moderate
CVE-2022-31189
was published
for
org.dspace:dspace-jspui
(Maven)
Aug 6, 2022
An Information Disclosure vulnerability exists in dhcms 2017-09-18 when entering invalid...
Moderate
Unreviewed
CVE-2020-19275
was published
May 24, 2022
IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could...
Moderate
Unreviewed
CVE-2021-39018
was published
Jul 15, 2022
Dell PowerScale OneFS, 8.2.x through 9.3.0.x, contain an error message with sensitive information...
Moderate
Unreviewed
CVE-2022-31229
was published
Jun 29, 2022
Dev error stack trace leaking into prod in Play Framework
Moderate
CVE-2022-31023
was published
for
com.typesafe.play:play_2.12
(Maven)
Jun 3, 2022
Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is...
Moderate
Unreviewed
CVE-2022-26973
was published
Jun 3, 2022
An information disclosure vulnerability in ILIAS before 5.3.19, 5.4.12 and 6.0 allows remote...
Moderate
Unreviewed
CVE-2020-23995
was published
May 24, 2022
Generation of Error Message Containing Sensitive Information in Elasticsearch
Moderate
CVE-2021-22145
was published
for
org.elasticsearch.client:elasticsearch-rest-client
(Maven)
May 24, 2022
White Shark System (WSS) 1.3.2 has web site physical path leakage vulnerability.
Moderate
Unreviewed
CVE-2020-20470
was published
May 24, 2022
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5 and 6.1.0.0 through 6.1.1.0...
Moderate
Unreviewed
CVE-2021-39033
was published
Apr 20, 2022
Missing filtering in an error message in GitLab CE/EE affecting all versions prior to 14.7.7, 14...
Moderate
Unreviewed
CVE-2022-1120
was published
Apr 5, 2022
Exposure of Sensitive Information to an Unauthorized Actor
Moderate
CVE-2021-32712
was published
for
shopware/shopware
(Composer)
Sep 8, 2021
Sensitive information could be displayed when a detailed technical error message is posted. This...
Moderate
Unreviewed
CVE-2021-35251
was published
Mar 11, 2022
Generation of Error Message Containing Sensitive Information in RESTEasy client
Moderate
CVE-2020-25633
was published
for
org.jboss.resteasy:resteasy-client
(Maven)
Jun 3, 2021
Information leakage in Error Handler
Moderate
GHSA-9vxv-wpv4-f52p
was published
for
shopware/shopware
(Composer)
May 21, 2021
Reset Password / Login vulnerability in Sulu
Moderate
CVE-2020-15132
was published
for
sulu/sulu
(Composer)
Aug 5, 2020
Sensitive Data Exposure in parse-server
Moderate
CVE-2019-1020013
was published
for
parse-server
(npm)
Jul 11, 2019
ProTip!
Advisories are also available from the
GraphQL API