GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,035
Maven
5,000+
npm
3,732
NuGet
662
pip
3,413
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
344 advisories
Filter by severity
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.856 through 0.9.8.864 allows an attacker to...
Moderate
Unreviewed
CVE-2019-14782
was published
May 24, 2022
In CMDBuild from version 3.0 to 3.3.2 payload requests are saved in a temporary log table, which...
Moderate
Unreviewed
CVE-2022-25518
was published
Mar 24, 2022
Under certain conditions, the SAP Host Agent logfile shows information which would otherwise be...
Moderate
Unreviewed
CVE-2022-28774
was published
May 12, 2022
In Octopus Tentacle versions 3.0.8 to 5.0.0, when a web request proxy is configured, an...
Moderate
Unreviewed
CVE-2019-15508
was published
May 24, 2022
Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway...
Moderate
Unreviewed
CVE-2022-20807
was published
May 28, 2022
In Octopus Deploy versions 2018.8.4 to 2019.7.6, when a web request proxy is configured, an...
Moderate
Unreviewed
CVE-2019-15507
was published
May 24, 2022
Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway...
Moderate
Unreviewed
CVE-2022-20809
was published
May 27, 2022
Sensitive information exposure in Sign-in log in Samsung Account prior to version 13.2.00.6...
Moderate
Unreviewed
CVE-2022-30733
was published
Jun 8, 2022
Couchbase Server 6.6.x through 7.x before 7.0.4 exposes Sensitive Information to an Unauthorized...
Moderate
Unreviewed
CVE-2022-32193
was published
Jun 14, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Business Process...
Moderate
Unreviewed
CVE-2021-1576
was published
May 24, 2022
Windows Desired State Configuration (DSC) Information Disclosure Vulnerability.
Moderate
Unreviewed
CVE-2022-30148
was published
Jun 16, 2022
rsyslog uses weak permissions for generating log files, which allows local users to obtain...
Moderate
Unreviewed
CVE-2015-3243
was published
May 17, 2022
A vulnerability in the logging component of Cisco TelePresence Collaboration Endpoint (CE) and...
Moderate
Unreviewed
CVE-2022-20768
was published
Jul 7, 2022
An issue was discovered in Couchbase Server 7.x before 7.0.4. Field names are not redacted in...
Moderate
Unreviewed
CVE-2022-33911
was published
Jul 13, 2022
IBM Cognos Server 10.1.1 and 10.2 stores highly sensitive information in log files that could be...
Moderate
Unreviewed
CVE-2016-9985
was published
May 17, 2022
An issue was discovered on SendQuick Entera and Avera devices before 2HF16. An attacker could...
Moderate
Unreviewed
CVE-2017-5137
was published
May 17, 2022
VMware vRealize Operations contains an information disclosure vulnerability. A low-privileged...
Moderate
Unreviewed
CVE-2022-31674
was published
Aug 11, 2022
In JetBrains TeamCity before 2022.04.2 the private SSH key could be written to the build log in...
Moderate
Unreviewed
CVE-2022-36321
was published
Jul 21, 2022
IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 stores potentially sensitive information in in log...
Moderate
Unreviewed
CVE-2016-8912
was published
May 17, 2022
A cleartext storage of sensitive information exists in Rocket.Chat <v4.6.4 due to Oauth token...
Moderate
Unreviewed
CVE-2022-32217
was published
Sep 25, 2022
IBM BigFix Remote Control before 9.1.3 allows remote authenticated users to obtain sensitive...
Moderate
Unreviewed
CVE-2016-2928
was published
May 17, 2022
The installation component in IBM Rational Asset Analyzer (RAA) 6.1.0 before FP10 allows local...
Moderate
Unreviewed
CVE-2016-5967
was published
May 17, 2022
IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.6.0 stores potentially sensitive...
Moderate
Unreviewed
CVE-2021-39011
was published
Jan 20, 2023
IBM MQ Internet Pass-Thru 2.1, 9.2 LTS and 9.2 CD stores potentially sensitive information in...
Moderate
Unreviewed
CVE-2022-35719
was published
Nov 14, 2022
Brocade SANnav before v2.2.1 logs usernames and encoded passwords in debug-enabled logs. The...
Moderate
Unreviewed
CVE-2022-33187
was published
Dec 9, 2022
ProTip!
Advisories are also available from the
GraphQL API