Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

34 advisories

Loading
Insertion of Sensitive Information into Log File vulnerability in Hitachi Virtual Storage... Critical Unreviewed
CVE-2022-36407 was published Mar 25, 2024
Insertion of sensitive information in the centralized (Grafana) logging system in ProLion... Critical Unreviewed
CVE-2023-36649 was published Dec 12, 2023
If Elastic Endpoint (v7.9.0 - v8.10.3) is configured to use a non-default option in which the... Critical Unreviewed
CVE-2023-46668 was published Oct 26, 2023
A Session ID leak in the audit log in Graylog before 4.1.2 allows attackers to escalate... Critical Unreviewed
CVE-2021-37760 was published May 24, 2022
A Session ID leak in the DEBUG log file in Graylog before 4.1.2 allows attackers to escalate... Critical Unreviewed
CVE-2021-37759 was published May 24, 2022
A flaw was found in noobaa-operator in versions before 5.7.0, where internal RPC AuthTokens... Critical Unreviewed
CVE-2021-3528 was published May 24, 2022
In the Rapid Gator application 0.7.1 for Android, the username and password are stored in the log... Critical Unreviewed
CVE-2019-17395 was published May 24, 2022
In the Dark Horse Comics application 1.3.21 for Android, token information (equivalent to the... Critical Unreviewed
CVE-2019-17398 was published May 24, 2022
In the Orbitz application 19.31.1 for Android, the username and password are stored in the log... Critical Unreviewed
CVE-2019-17355 was published May 24, 2022
In the PowerSchool Mobile application 1.1.8 for Android, the username and password are stored in... Critical Unreviewed
CVE-2019-17396 was published May 24, 2022
In the Seesaw Parent and Family application 6.2.5 for Android, the username and password are... Critical Unreviewed
CVE-2019-17394 was published May 24, 2022
An issue was discovered in Gallagher Command Centre 8.10 before 8.10.1092(MR2). Upon an upgrade,... Critical Unreviewed
CVE-2019-15294 was published May 24, 2022
Log files generated by Lenovo XClarity Administrator (LXCA) versions earlier than 1.2.2 may... Critical Unreviewed
CVE-2016-8233 was published May 17, 2022
On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from "SEND data" log... Critical Unreviewed
CVE-2017-8074 was published May 17, 2022
On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from "Switch Info" log... Critical Unreviewed
CVE-2017-8075 was published May 17, 2022
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, and WebSafe 11.5... Critical Unreviewed
CVE-2017-6165 was published May 17, 2022
Mahara Mobile before 1.2.1 is vulnerable to passwords being sent to the Mahara access log in... Critical Unreviewed
CVE-2017-1000171 was published May 17, 2022
Ionic Team Cordova plugin iOS Keychain version before commit... Critical Unreviewed
CVE-2018-1000123 was published May 14, 2022
In Octopus Deploy 2018.4.4 through 2018.5.1, Octopus variables that are sourced from the target... Critical Unreviewed
CVE-2018-11320 was published May 14, 2022
An issue was discovered in Zoho ManageEngine Desktop Central before 100230. There is... Critical Unreviewed
CVE-2018-11716 was published May 14, 2022
An issue was discovered in Zoho ManageEngine Desktop Central before 100251. By leveraging access... Critical Unreviewed
CVE-2018-11717 was published May 14, 2022
An issue was discovered in GitLab Community and Enterprise Edition before 11.0.6, 11.1.x before... Critical Unreviewed
CVE-2018-16049 was published May 14, 2022
Juniper Networks CSO versions prior to 4.0.0 may log passwords in log files leading to an... Critical Unreviewed
CVE-2018-0042 was published May 13, 2022
Password exposure in Cognito Software Moneyworks 8.0.3 and earlier allows attackers to gain... Critical Unreviewed
CVE-2017-9615 was published May 13, 2022
An issue was discovered in Pivotal PCF Elastic Runtime 1.6.x versions prior to 1.6.65, 1.7.x... Critical Unreviewed
CVE-2017-4955 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API