Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

742 advisories

Loading
Improper log management vulnerability in Galaxy Watch PlugIn prior to version 2.2.05.21033151... Moderate Unreviewed
CVE-2021-25420 was published May 24, 2022
Improper log management vulnerability in Watch Active PlugIn prior to version 2.2.07.21033151... Moderate Unreviewed
CVE-2021-25422 was published May 24, 2022
IBM QRadar SIEM 7.3, 7.4, and 7.5 stores potentially sensitive information in log files that... Moderate Unreviewed
CVE-2021-38939 was published Apr 28, 2022
Foundry Issues service versions 2.244.0 to 2.249.0 was found to be logging in a manner that... Moderate Unreviewed
CVE-2022-27888 was published Apr 28, 2022
IBM App Connect Enterprise Certified Container 1.0, 1.1, 1.2, and 1.3 could allow a privileged... Low Unreviewed
CVE-2021-29759 was published May 24, 2022
myFax version 229 logs sensitive information in the export log module which allows any user to... Moderate Unreviewed
CVE-2020-24038 was published May 24, 2022
iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A locally authenticated... Moderate Unreviewed
CVE-2021-34689 was published May 24, 2022
Information disclosure in aspx pages in MV's IDCE application v1.0 allows an attacker to copy and... High Unreviewed
CVE-2020-23284 was published May 24, 2022
An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n where the admin... High Unreviewed
CVE-2020-21933 was published May 24, 2022
A Session ID leak in the audit log in Graylog before 4.1.2 allows attackers to escalate... Critical Unreviewed
CVE-2021-37760 was published May 24, 2022
Dell EMC NetWorker versions 18.x,19.x prior to 19.3.0.4 and 19.4.0.0 contain an Information... Moderate Unreviewed
CVE-2021-21546 was published May 24, 2022
A Session ID leak in the DEBUG log file in Graylog before 4.1.2 allows attackers to escalate... Critical Unreviewed
CVE-2021-37759 was published May 24, 2022
Dell Wyse ThinOS, version 9.0, contains a Sensitive Information Disclosure Vulnerability. An... Low Unreviewed
CVE-2021-21597 was published May 24, 2022
Dell EMC Data Protection Search, 19.4 and prior, and IDPA, 2.6.1 and prior, contain an... High Unreviewed
CVE-2021-21601 was published May 24, 2022
Dell Wyse ThinOS, versions 9.0, 9.1, and 9.1 MR1, contain a Sensitive Information Disclosure... Low Unreviewed
CVE-2021-21598 was published May 24, 2022
An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS... Low Unreviewed
CVE-2021-3037 was published May 24, 2022
Dell EMC PowerScale OneFS versions 8.2.x and 9.1.0.x contain an insertion of sensitive... Moderate Unreviewed
CVE-2021-36278 was published May 24, 2022
Dell EMC Avamar versions 18.2,19.1,19.2,19.3,19.4 contain a plain-text password storage... Moderate Unreviewed
CVE-2021-36318 was published Dec 22, 2021
A flaw was found in noobaa-operator in versions before 5.7.0, where internal RPC AuthTokens... Critical Unreviewed
CVE-2021-3528 was published May 24, 2022
The vRealize Operations Manager API (8.x prior to 8.5) contains an arbitrary log-file read... High Unreviewed
CVE-2021-22024 was published May 24, 2022
PuppetDB logging included potentially sensitive system information. Moderate Unreviewed
CVE-2021-27019 was published May 24, 2022
A flaw was discovered in bolt-server and ace where running a task with sensitive parameters... Moderate Unreviewed
CVE-2021-27022 was published May 24, 2022
OpenEMR 6.0.0 has a pnotes_print.php?noteid= Insecure Direct Object Reference vulnerability via... Moderate Unreviewed
CVE-2021-40352 was published May 24, 2022
An information disclosure exists in Brave Browser Desktop prior to version 1.28.62, where logged... Moderate Unreviewed
CVE-2021-22929 was published May 24, 2022
On all versions of Guided Configuration before 8.0.0, when a configuration that contains secure... Moderate Unreviewed
CVE-2021-23046 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database