GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
146 advisories
Filter by severity
Wipro Holmes Orchestrator 20.4.1 (20.4.1_02_11_2020) allows remote attackers to read application...
High
Unreviewed
CVE-2021-38283
was published
Nov 30, 2021
TPCMS v3.2 allows attackers to access the ThinkPHP log directory and obtain sensitive information...
High
Unreviewed
CVE-2022-27442
was published
Apr 5, 2022
An issue was discovered in HTCondor 9.0.x before 9.0.10 and 9.1.x before 9.5.1. An attacker can...
High
Unreviewed
CVE-2021-45103
was published
Apr 7, 2022
Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway...
High
Unreviewed
CVE-2022-20806
was published
May 28, 2022
Impala sessions use a 16 byte secret to verify that the session is not being hijacked by another...
High
Unreviewed
CVE-2021-28131
was published
May 24, 2022
Riverbed AppResponse 11.8.0, 11.8.5, 11.8.5a, 11.9.0, 11.9.0a, 11.10.0, 11.11.0, 11.11.0a, 11.11...
High
Unreviewed
CVE-2021-43271
was published
Jun 4, 2022
An issue was discovered in Couchbase Server before 7.0.4. The Backup Service log leaks unredacted...
High
Unreviewed
CVE-2022-32565
was published
Jun 14, 2022
ZXMP M721 has an information leak vulnerability. Since the serial port authentication on the...
High
Unreviewed
CVE-2022-23141
was published
Jul 16, 2022
An issue was discovered in Moxa EDR-810 Industrial Secure Router. By accessing a specific uniform...
High
Unreviewed
CVE-2016-8346
was published
May 17, 2022
An issue was discovered in Couchbase Server before 7.0.4. A private key is leaked to the log...
High
Unreviewed
CVE-2022-32556
was published
Jul 22, 2022
An issue was discovered in OSIsoft PI Coresight 2016 R2 and earlier versions, and PI Web API 2016...
High
Unreviewed
CVE-2017-5153
was published
May 17, 2022
An issue was discovered in Moxa MiiNePort E1 versions prior to 1.8, E2 versions prior to 1.4, and...
High
Unreviewed
CVE-2016-9344
was published
May 17, 2022
MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8...
High
Unreviewed
CVE-2015-8977
was published
May 17, 2022
Information Exposure Through Log Files vulnerability discovered in Foundry when logs were...
High
Unreviewed
CVE-2022-27895
was published
Nov 16, 2022
Information Exposure Through Log Files vulnerability discovered in Foundry Code-Workbooks where...
High
Unreviewed
CVE-2022-27896
was published
Nov 15, 2022
VMware vCenter Server (6.7.x prior to 6.7 U3, 6.5 prior to 6.5 U3 and 6.0 prior to 6.0 U3j)...
High
Unreviewed
CVE-2019-5532
was published
May 24, 2022
Cloud Foundry SMB Volume, versions prior to v2.0.3, accidentally outputs sensitive information to...
High
Unreviewed
CVE-2019-11283
was published
May 24, 2022
cPanel before 88.0.3 has weak permissions (world readable) for the proxy subdomains log file (SEC...
High
Unreviewed
CVE-2020-26106
was published
May 24, 2022
The easy-wp-smtp plugin before 1.4.4 for WordPress allows Administrator account takeover, as...
High
Unreviewed
CVE-2020-35234
was published
May 24, 2022
Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.20, 9.2.1.13, 9.3.0.6, and 9.4.0...
High
Unreviewed
CVE-2022-34369
was published
Sep 3, 2022
A vulnerability in a diagnostic command for the Plug-and-Play (PnP) subsystem of Cisco IOS XE...
High
Unreviewed
CVE-2021-1442
was published
May 24, 2022
Insertion of Sensitive Information into Log File vulnerability in Micro Focus Secure API Manager ...
High
Unreviewed
CVE-2021-22516
was published
May 24, 2022
An issue was discovered in Devolutions Server before 2020.3. There is an exposure of sensitive...
High
Unreviewed
CVE-2021-23924
was published
May 24, 2022
Information disclosure in aspx pages in MV's IDCE application v1.0 allows an attacker to copy and...
High
Unreviewed
CVE-2020-23284
was published
May 24, 2022
An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n where the admin...
High
Unreviewed
CVE-2020-21933
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API