GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
742 advisories
Filter by severity
VMware vCenter Server (6.7.x prior to 6.7 U3, 6.5 prior to 6.5 U3 and 6.0 prior to 6.0 U3j)...
High
Unreviewed
CVE-2019-5532
was published
May 24, 2022
Cloud Foundry SMB Volume, versions prior to v2.0.3, accidentally outputs sensitive information to...
High
Unreviewed
CVE-2019-11283
was published
May 24, 2022
A flaw was found in the JBoss EAP Vault system in all versions before 7.2.6.GA. Confidential...
Moderate
Unreviewed
CVE-2019-14885
was published
May 24, 2022
API Connect V2018.1 through 2018.4.1.1 is impacted by access token leak. Authorization tokens in...
Critical
Unreviewed
CVE-2019-4008
was published
May 13, 2022
Brocade SANnav versions before v2.0, logs plain text database connection password while...
Moderate
Unreviewed
CVE-2019-16210
was published
May 24, 2022
The authentication mechanism, in Brocade SANnav versions before v2.0, logs plaintext account...
Low
Unreviewed
CVE-2019-16206
was published
May 24, 2022
Brocade Fabric OS Versions before v8.2.2a and v8.2.1d could expose the credentials of the remote...
Moderate
Unreviewed
CVE-2019-16203
was published
May 24, 2022
Brocade Fabric OS Versions before v7.4.2f, v8.2.2a, v8.1.2j and v8.2.1d could expose external...
Moderate
Unreviewed
CVE-2019-16204
was published
May 24, 2022
Cloud Foundry Cloud Controller (CAPI), versions prior to 1.91.0, logs properties of background...
Moderate
Unreviewed
CVE-2020-5400
was published
May 24, 2022
An internal product security audit of Lenovo XClarity Administrator (LXCA) discovered Windows OS...
Low
Unreviewed
CVE-2019-19756
was published
May 24, 2022
A flaw was discovered in ECE before 3.4.0 that might lead to the disclosure of sensitive...
Moderate
Unreviewed
CVE-2022-23715
was published
Aug 26, 2022
An information exposure vulnerability in the logging component of Palo Alto Networks Global...
Low
Unreviewed
CVE-2020-1987
was published
May 24, 2022
npm CLI exposing sensitive information through logs
Moderate
CVE-2020-15095
was published
for
npm
(npm)
Jul 7, 2020
Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, and 9.3.0.6,...
Moderate
Unreviewed
CVE-2022-31239
was published
Oct 21, 2022
In support.c in pam_tacplus 1.3.8 through 1.5.1, the TACACS+ shared secret gets logged via syslog...
Moderate
Unreviewed
CVE-2020-13881
was published
May 24, 2022
A log information disclosure vulnerability in B&R GateManager 4260 and 9250 versions <9.0.20262...
Moderate
Unreviewed
CVE-2020-11646
was published
May 24, 2022
cPanel before 88.0.3 has weak permissions (world readable) for the proxy subdomains log file (SEC...
High
Unreviewed
CVE-2020-26106
was published
May 24, 2022
Brocade Fabric OS versions before Brocade Fabric OS v7.4.2g could allow an authenticated, remote...
Moderate
Unreviewed
CVE-2020-15370
was published
May 24, 2022
An information disclosure vulnerability in B&R GateManager 4260 and 9250 versions <9.0.20262 and...
Moderate
Unreviewed
CVE-2020-11643
was published
May 24, 2022
Information Disclosure Vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7...
Low
Unreviewed
CVE-2020-7322
was published
May 24, 2022
An information exposure through log file vulnerability exists where the password for the...
Low
Unreviewed
CVE-2020-2048
was published
May 24, 2022
An information-disclosure flaw was found in the way that gluster-block before 0.5.1 logs the...
Moderate
Unreviewed
CVE-2020-10762
was published
May 24, 2022
IBM Business Automation Workflow 19.0.0.3 stores potentially sensitive information in log files...
Moderate
Unreviewed
CVE-2020-4900
was published
May 24, 2022
The easy-wp-smtp plugin before 1.4.4 for WordPress allows Administrator account takeover, as...
High
Unreviewed
CVE-2020-35234
was published
May 24, 2022
In onNotificationRemoved of Assistant.java, there is a possible leak of sensitive information to...
Moderate
Unreviewed
CVE-2020-0476
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API