GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
338 advisories

IBM Robotic Process Automation with Automation Anywhere 11 could under certain cases, display the...
Moderate | Unreviewed | CVE-2018-1876 was published May 13, 2022

Improper input validator in Nextcloud Server prior to 12.0.3 and 11.0.5 could lead to an attacker...
Moderate | Unreviewed | CVE-2018-3776 was published May 13, 2022

On Juniper ATP, secret passphrase CLI inputs, such as "set mcm", are logged to /var/log/syslog in...
Moderate | Unreviewed | CVE-2019-0021 was published May 13, 2022

RSA Archer versions, prior to 6.5 SP1, contain an information exposure vulnerability. Users'...
Moderate | Unreviewed | CVE-2019-3715 was published May 13, 2022

The aoedisk_debugfs_show function in drivers/block/aoe/aoeblk.c in the Linux kernel through 4.16...
Moderate | Unreviewed | CVE-2018-7754 was published May 13, 2022

A plain keystore password is written to a system log file in SAP HANA Extended Application...
Moderate | Unreviewed | CVE-2018-2372 was published May 13, 2022

In System Management Module (SMM) versions prior to 1.06, the SMM records hashed passwords to a...
Moderate | Unreviewed | CVE-2018-16095 was published May 13, 2022

On Juniper ATP, the API key and the device key are logged in a file readable by authenticated...
Moderate | Unreviewed | CVE-2019-0004 was published May 13, 2022

Micro Focus Solutions Business Manager versions prior to 11.4 allows a user to invoke SBM RESTful...
Moderate | Unreviewed | CVE-2018-7682 was published May 13, 2022

An Information Exposure issue in the Terraform deployment step in Octopus Deploy before 2019.1.8 ...
Moderate | Unreviewed | CVE-2019-8944 was published May 13, 2022

In JetBrains TeamCity before 2022.04 leak of secrets in TeamCity agent logs was possible
Moderate | Unreviewed | CVE-2022-29928 was published May 13, 2022

Under certain conditions, the SAP Host Agent logfile shows information which would otherwise be...
Moderate | Unreviewed | CVE-2022-28774 was published May 12, 2022

An information exposure through log file vulnerability in Brocade SANNav versions before Brocade...
Moderate | Unreviewed | CVE-2022-28161 was published May 10, 2022

On F5 BIG-IP APM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x...
Moderate | Unreviewed | CVE-2022-27636 was published May 6, 2022

On F5 BIG-IP 15.1.x versions prior to 15.1.5.1 and 14.1.x versions prior to 14.1.4.6, when...
Moderate | Unreviewed | CVE-2022-28859 was published May 6, 2022

An access-control flaw was found in the OpenStack Orchestration (heat) service before 8.0.0, 6.1...
Moderate | Unreviewed | CVE-2017-2621 was published May 3, 2022

The log files in Apache web server contain information directly supplied by clients and does not...
Moderate | Unreviewed | CVE-2001-1556 was published Apr 30, 2022

cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains...
Moderate | Unreviewed | CVE-2022-29869 was published Apr 29, 2022

Foundry Issues service versions 2.244.0 to 2.249.0 was found to be logging in a manner that...
Moderate | Unreviewed | CVE-2022-27888 was published Apr 28, 2022

IBM QRadar SIEM 7.3, 7.4, and 7.5 stores potentially sensitive information in log files that...
Moderate | Unreviewed | CVE-2021-38939 was published Apr 28, 2022

In CMDBuild from version 3.0 to 3.3.2 payload requests are saved in a temporary log table, which...
Moderate | Unreviewed | CVE-2022-25518 was published Mar 24, 2022

A vulnerability has been identified in Climatix POL909 (AWB module) (All versions < V11.44),...
Moderate | Unreviewed | CVE-2021-41543 was published Mar 9, 2022

The CorreosExpress WordPress plugin through 2.6.0 generates log files which are publicly...
Moderate | Unreviewed | CVE-2021-25009 was published Mar 8, 2022

VMware Cloud Foundation contains an information disclosure vulnerability due to logging of...
Moderate | Unreviewed | CVE-2022-22939 was published Feb 11, 2022

A vulnerability in the audit log of Cisco DNA Center could allow an authenticated, local attacker...
Moderate | Unreviewed | CVE-2022-20630 was published Feb 11, 2022

ProTip! Advisories are also available from the GraphQL API.