GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,733
Composer 4,238
Erlang 31
GitHub Actions 21
Go 2,005
Maven 5,193
npm 3,716
NuGet 661
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,706

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

146 advisories

Filter by severity

Sort by

Least recently updated

Sensitive information could be logged. The following products are affected: Acronis Agent ... High Unreviewed

CVE-2021-34800 was published Nov 30, 2021

Wipro Holmes Orchestrator 20.4.1 (20.4.1_02_11_2020) allows remote attackers to read application... High Unreviewed

CVE-2021-38283 was published Nov 30, 2021

Mattermost 6.0.2 and earlier fails to sufficiently sanitize user's password in audit logs when... High Unreviewed

CVE-2021-37861 was published Dec 10, 2021

A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C (All versions <... High Unreviewed

CVE-2021-45034 was published Jan 12, 2022

Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain a sensitive information disclosure... High Unreviewed

CVE-2021-36289 was published Jan 27, 2022

HashiCorp Terraform Enterprise before 202202-1 inserts Sensitive Information into a Log File. High Unreviewed

CVE-2022-25374 was published Feb 26, 2022

A flaw was found in KeePass. The vulnerability occurs due to logging the plain text passwords in... High Unreviewed

CVE-2022-0725 was published Mar 11, 2022

TPCMS v3.2 allows attackers to access the ThinkPHP log directory and obtain sensitive information... High Unreviewed

CVE-2022-27442 was published Apr 5, 2022

An issue was discovered in HTCondor 9.0.x before 9.0.10 and 9.1.x before 9.5.1. An attacker can... High Unreviewed

CVE-2021-45103 was published Apr 7, 2022

Moxa Secure Router EDR-G903 devices before 3.4.12 do not delete copies of configuration and log... High Unreviewed

CVE-2016-0879 was published May 13, 2022

Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to read configuration... High Unreviewed

CVE-2016-0875 was published May 13, 2022

aria2c in aria2 1.33.1, when --log is used, can store an HTTP Basic Authentication username and... High Unreviewed

CVE-2019-3500 was published May 13, 2022

An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v250 and CAPI... High Unreviewed

CVE-2016-9882 was published May 13, 2022

Micro Focus Solutions Business Manager versions prior to 11.4 might reveal certain sensitive... High Unreviewed

CVE-2018-7683 was published May 13, 2022

It was discovered that a world-readable log file belonging to Candlepin component of Red Hat... High Unreviewed

CVE-2019-3891 was published May 13, 2022

A password management issue exists where the Organization authentication username and password... High Unreviewed

CVE-2019-0032 was published May 13, 2022

A sensitive data disclosure flaw was found in the Elasticsearch repository-azure (formerly... High Unreviewed

CVE-2018-3827 was published May 13, 2022

Cloud Foundry NFS volume release, 1.2.x prior to 1.2.5, 1.5.x prior to 1.5.4, 1.7.x prior to 1.7... High Unreviewed

CVE-2018-15797 was published May 13, 2022

** DISPUTED ** An issue was discovered in SecurEnvoy SecurAccess 9.3.502. When put in Debug mode... High Unreviewed

CVE-2018-18466 was published May 13, 2022

Juniper ATP Series Splunk credentials are logged in a file readable by authenticated local users.... High Unreviewed

CVE-2019-0029 was published May 13, 2022

Under certain conditions SAP HANA Extended Application Services, version 1.0, advanced model (XS... High Unreviewed

CVE-2019-0266 was published May 13, 2022

RSA Archer versions, prior to 6.5 SP2, contain an information exposure vulnerability. The... High Unreviewed

CVE-2019-3716 was published May 13, 2022

The Boa server configuration on DASAN H660RM devices with firmware 1.03-0022 logs POST data to... High Unreviewed

CVE-2019-9976 was published May 13, 2022

Cloud Foundry Container Runtime (kubo-release), versions prior to 0.14.0, may leak UAA and... High Unreviewed

CVE-2018-1223 was published May 13, 2022

An issue was discovered in EMC ScaleIO 2.0.1.x. In a Linux environment, one of the support... High Unreviewed

CVE-2017-8001 was published May 13, 2022

Previous 1 2 3 4 5 6 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

146 advisories