GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,731
Composer 4,237
Erlang 31
GitHub Actions 21
Go 2,004
Maven 5,193
npm 3,716
NuGet 661
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,707

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

34 advisories

Filter by severity

Sort by

Least recently updated

On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from "Switch Info" log... Critical Unreviewed

CVE-2017-8075 was published May 17, 2022

On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from "SEND data" log... Critical Unreviewed

CVE-2017-8074 was published May 17, 2022

Log files generated by Lenovo XClarity Administrator (LXCA) versions earlier than 1.2.2 may... Critical Unreviewed

CVE-2016-8233 was published May 17, 2022

API Connect V2018.1 through 2018.4.1.1 is impacted by access token leak. Authorization tokens in... Critical Unreviewed

CVE-2019-4008 was published May 13, 2022

A Session ID leak in the audit log in Graylog before 4.1.2 allows attackers to escalate... Critical Unreviewed

CVE-2021-37760 was published May 24, 2022

A Session ID leak in the DEBUG log file in Graylog before 4.1.2 allows attackers to escalate... Critical Unreviewed

CVE-2021-37759 was published May 24, 2022

A flaw was found in noobaa-operator in versions before 5.7.0, where internal RPC AuthTokens... Critical Unreviewed

CVE-2021-3528 was published May 24, 2022

A sensitive data disclosure flaw was found in the way Logstash versions before 5.6.15 and 6.6.1... Critical Unreviewed

CVE-2019-7612 was published May 13, 2022

Cloud Foundry Log Cache, versions prior to 1.1.1, logs its UAA client secret on startup as part... Critical Unreviewed

CVE-2018-1264 was published May 13, 2022

ovirt-engine before version ovirt 4.2.2 is vulnerable to an information exposure through log... Critical Unreviewed

CVE-2018-1072 was published May 13, 2022

Circontrol CirCarLife all versions prior to 4.3.1, the PAP credentials of the device are stored... Critical Unreviewed

CVE-2018-17922 was published May 13, 2022

The NetIQ Identity Manager Oracle EBS driver before 4.0.2.0 sent EBS logs containing the driver... Critical Unreviewed

CVE-2017-9278 was published May 13, 2022

In the JDBC driver of NetIQ Identity Manager before 4.6 sending out incorrect XML configurations... Critical Unreviewed

CVE-2017-7434 was published May 13, 2022

A vulnerability in the AutoVNF tool for the Cisco Ultra Services Framework could allow an... Critical Unreviewed

CVE-2017-6709 was published May 13, 2022

Before Thornberry NDoc version 8.0, laptop clients and the server have default database (Cache)... Critical Unreviewed

CVE-2017-15366 was published May 13, 2022

An issue was discovered in Pivotal PCF Elastic Runtime 1.6.x versions prior to 1.6.65, 1.7.x... Critical Unreviewed

CVE-2017-4955 was published May 13, 2022

Juniper Networks CSO versions prior to 4.0.0 may log passwords in log files leading to an... Critical Unreviewed

CVE-2018-0042 was published May 13, 2022

Password exposure in Cognito Software Moneyworks 8.0.3 and earlier allows attackers to gain... Critical Unreviewed

CVE-2017-9615 was published May 13, 2022

An issue was discovered in GitLab Community and Enterprise Edition before 11.0.6, 11.1.x before... Critical Unreviewed

CVE-2018-16049 was published May 14, 2022

An issue was discovered in Zoho ManageEngine Desktop Central before 100230. There is... Critical Unreviewed

CVE-2018-11716 was published May 14, 2022

In Octopus Deploy 2018.4.4 through 2018.5.1, Octopus variables that are sourced from the target... Critical Unreviewed

CVE-2018-11320 was published May 14, 2022

An issue was discovered in Zoho ManageEngine Desktop Central before 100251. By leveraging access... Critical Unreviewed

CVE-2018-11717 was published May 14, 2022

Ionic Team Cordova plugin iOS Keychain version before commit... Critical Unreviewed

CVE-2018-1000123 was published May 14, 2022

Mahara Mobile before 1.2.1 is vulnerable to passwords being sent to the Mahara access log in... Critical Unreviewed

CVE-2017-1000171 was published May 17, 2022

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, and WebSafe 11.5... Critical Unreviewed

CVE-2017-6165 was published May 17, 2022

Previous 1 2 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

34 advisories