Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,003
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

339 advisories

Loading
Sensitive Data Exposure in Openshift Container Platform Moderate Unreviewed
CVE-2019-10213 was published May 17, 2021
Information Disclosure in OpenShift Container Platform Moderate Unreviewed
CVE-2020-10712 was published May 25, 2021
A flaw was divered in Puppet Enterprise and other Puppet products where sensitive plan parameters... Moderate Unreviewed
CVE-2021-27026 was published Nov 19, 2021
Dell EMC SCG 5.00.00.10 and earlier, contain a sensitive information disclosure vulnerability. A... Moderate Unreviewed
CVE-2021-36340 was published Nov 21, 2021
Dell PowerScale OneFS version 8.1.2 contains a sensitive information exposure vulnerability. This... Moderate Unreviewed
CVE-2021-21561 was published Nov 24, 2021
SYNEL - eharmonynew / Synel Reports - The attacker can log in to the system with default... Moderate Unreviewed
CVE-2021-36718 was published Dec 9, 2021
In handleUpdateNetworkState of GnssNetworkConnectivityHandler.java , there is a possible APN... Moderate Unreviewed
CVE-2021-0997 was published Dec 16, 2021
Dell EMC Avamar versions 18.2,19.1,19.2,19.3,19.4 contain a plain-text password storage... Moderate Unreviewed
CVE-2021-36318 was published Dec 22, 2021
Docker Desktop version 4.3.0 and 4.3.1 has a bug that may log sensitive information (access token... Moderate Unreviewed
CVE-2021-45449 was published Jan 13, 2022
SAP Business One - version 10.0, extended log stores information that can be of a sensitive... Moderate Unreviewed
CVE-2021-44234 was published Jan 15, 2022
IBM Sterling Gentran:Server for Microsoft Windows 5.3 stores potentially sensitive information in... Moderate Unreviewed
CVE-2021-39032 was published Jan 15, 2022
In Stormshield SSO Agent 2.x before 2.1.1 and 3.x before 3.0.2, the cleartext user password and... Moderate Unreviewed
CVE-2022-22703 was published Jan 18, 2022
A vulnerability in the audit log of Cisco DNA Center could allow an authenticated, local attacker... Moderate Unreviewed
CVE-2022-20630 was published Feb 11, 2022
An information exposure through log file vulnerability exists in the Palo Alto Networks... Moderate Unreviewed
CVE-2022-0021 was published Feb 11, 2022
VMware Cloud Foundation contains an information disclosure vulnerability due to logging of... Moderate Unreviewed
CVE-2022-22939 was published Feb 11, 2022
The CorreosExpress WordPress plugin through 2.6.0 generates log files which are publicly... Moderate Unreviewed
CVE-2021-25009 was published Mar 8, 2022
A vulnerability has been identified in Climatix POL909 (AWB module) (All versions < V11.44),... Moderate Unreviewed
CVE-2021-41543 was published Mar 9, 2022
In CMDBuild from version 3.0 to 3.3.2 payload requests are saved in a temporary log table, which... Moderate Unreviewed
CVE-2022-25518 was published Mar 24, 2022
IBM QRadar SIEM 7.3, 7.4, and 7.5 stores potentially sensitive information in log files that... Moderate Unreviewed
CVE-2021-38939 was published Apr 28, 2022
Foundry Issues service versions 2.244.0 to 2.249.0 was found to be logging in a manner that... Moderate Unreviewed
CVE-2022-27888 was published Apr 28, 2022
cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains... Moderate Unreviewed
CVE-2022-29869 was published Apr 29, 2022
The log files in Apache web server contain information directly supplied by clients and does not... Moderate Unreviewed
CVE-2001-1556 was published Apr 30, 2022
An access-control flaw was found in the OpenStack Orchestration (heat) service before 8.0.0, 6.1... Moderate Unreviewed
CVE-2017-2621 was published May 3, 2022
On F5 BIG-IP 15.1.x versions prior to 15.1.5.1 and 14.1.x versions prior to 14.1.4.6, when... Moderate Unreviewed
CVE-2022-28859 was published May 6, 2022
On F5 BIG-IP APM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x... Moderate Unreviewed
CVE-2022-27636 was published May 6, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database