Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,988
Erlang
29
GitHub Actions
16
Go
1,776
Maven
5,000+
npm
3,542
NuGet
617
pip
3,125
Pub
10
RubyGems
838
Rust
790
Swift
34
Unreviewed advisories
All unreviewed
5,000+

676 advisories

Loading
Swann SWWHD-INTCAM-HD devices leave the PSK in logs after a factory reset. Moderate Unreviewed
CVE-2018-20956 was published May 24, 2022
A local disclosure of sensitive information vulnerability was discovered in HPE OneView version(s... Moderate Unreviewed
CVE-2022-28625 was published Sep 1, 2022
VMware vCenter Server (6.7.x prior to 6.7 U3, 6.5 prior to 6.5 U3 and 6.0 prior to 6.0 U3j)... High Unreviewed
CVE-2019-5532 was published May 24, 2022
Cloud Foundry SMB Volume, versions prior to v2.0.3, accidentally outputs sensitive information to... High Unreviewed
CVE-2019-11283 was published May 24, 2022
A flaw was found in the JBoss EAP Vault system in all versions before 7.2.6.GA. Confidential... Moderate Unreviewed
CVE-2019-14885 was published May 24, 2022
API Connect V2018.1 through 2018.4.1.1 is impacted by access token leak. Authorization tokens in... Critical Unreviewed
CVE-2019-4008 was published May 13, 2022
Brocade SANnav versions before v2.0, logs plain text database connection password while... Moderate Unreviewed
CVE-2019-16210 was published May 24, 2022
The authentication mechanism, in Brocade SANnav versions before v2.0, logs plaintext account... Low Unreviewed
CVE-2019-16206 was published May 24, 2022
Brocade Fabric OS Versions before v7.4.2f, v8.2.2a, v8.1.2j and v8.2.1d could expose external... Moderate Unreviewed
CVE-2019-16204 was published May 24, 2022
Brocade Fabric OS Versions before v8.2.2a and v8.2.1d could expose the credentials of the remote... Moderate Unreviewed
CVE-2019-16203 was published May 24, 2022
Cloud Foundry Cloud Controller (CAPI), versions prior to 1.91.0, logs properties of background... Moderate Unreviewed
CVE-2020-5400 was published May 24, 2022
An internal product security audit of Lenovo XClarity Administrator (LXCA) discovered Windows OS... Low Unreviewed
CVE-2019-19756 was published May 24, 2022
A flaw was discovered in ECE before 3.4.0 that might lead to the disclosure of sensitive... Moderate Unreviewed
CVE-2022-23715 was published Aug 26, 2022
An information exposure vulnerability in the logging component of Palo Alto Networks Global... Low Unreviewed
CVE-2020-1987 was published May 24, 2022
npm CLI exposing sensitive information through logs Moderate
CVE-2020-15095 was published for npm (npm) Jul 7, 2020
Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, and 9.3.0.6,... Moderate Unreviewed
CVE-2022-31239 was published Oct 21, 2022
In support.c in pam_tacplus 1.3.8 through 1.5.1, the TACACS+ shared secret gets logged via syslog... Moderate Unreviewed
CVE-2020-13881 was published May 24, 2022
A log information disclosure vulnerability in B&R GateManager 4260 and 9250 versions <9.0.20262... Moderate Unreviewed
CVE-2020-11646 was published May 24, 2022
cPanel before 88.0.3 has weak permissions (world readable) for the proxy subdomains log file (SEC... High Unreviewed
CVE-2020-26106 was published May 24, 2022
Brocade Fabric OS versions before Brocade Fabric OS v7.4.2g could allow an authenticated, remote... Moderate Unreviewed
CVE-2020-15370 was published May 24, 2022
An information disclosure vulnerability in B&R GateManager 4260 and 9250 versions <9.0.20262 and... Moderate Unreviewed
CVE-2020-11643 was published May 24, 2022
Information Disclosure Vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7... Low Unreviewed
CVE-2020-7322 was published May 24, 2022
An information exposure through log file vulnerability exists where the password for the... Low Unreviewed
CVE-2020-2048 was published May 24, 2022
An information-disclosure flaw was found in the way that gluster-block before 0.5.1 logs the... Moderate Unreviewed
CVE-2020-10762 was published May 24, 2022
IBM Business Automation Workflow 19.0.0.3 stores potentially sensitive information in log files... Moderate Unreviewed
CVE-2020-4900 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API