Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,089
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

157 advisories

Loading
Information Exposure in cordova-android High
CVE-2016-6799 was published for cordova-android (npm) Sep 11, 2020
Insertion of Sensitive Information into Log File in Jupyter notebook High
CVE-2022-24757 was published for jupyter-server (pip) Mar 25, 2022
3coins
Wipro Holmes Orchestrator 20.4.1 (20.4.1_02_11_2020) allows remote attackers to read application... High Unreviewed
CVE-2021-38283 was published Nov 30, 2021
TPCMS v3.2 allows attackers to access the ThinkPHP log directory and obtain sensitive information... High Unreviewed
CVE-2022-27442 was published Apr 5, 2022
Sensitive Auth & Cookie data stored in Jupyter server logs High
CVE-2022-24758 was published for notebook (pip) Apr 5, 2022
3coins
An issue was discovered in HTCondor 9.0.x before 9.0.10 and 9.1.x before 9.5.1. An attacker can... High Unreviewed
CVE-2021-45103 was published Apr 7, 2022
Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway... High Unreviewed
CVE-2022-20806 was published May 28, 2022
Impala sessions use a 16 byte secret to verify that the session is not being hijacked by another... High Unreviewed
CVE-2021-28131 was published May 24, 2022
Riverbed AppResponse 11.8.0, 11.8.5, 11.8.5a, 11.9.0, 11.9.0a, 11.10.0, 11.11.0, 11.11.0a, 11.11... High Unreviewed
CVE-2021-43271 was published Jun 4, 2022
An issue was discovered in Couchbase Server before 7.0.4. The Backup Service log leaks unredacted... High Unreviewed
CVE-2022-32565 was published Jun 14, 2022
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). A... High Unreviewed
CVE-2022-32254 was published Jun 15, 2022
ZXMP M721 has an information leak vulnerability. Since the serial port authentication on the... High Unreviewed
CVE-2022-23141 was published Jul 16, 2022
An issue was discovered in Moxa EDR-810 Industrial Secure Router. By accessing a specific uniform... High Unreviewed
CVE-2016-8346 was published May 17, 2022
An issue was discovered in Couchbase Server before 7.0.4. A private key is leaked to the log... High Unreviewed
CVE-2022-32556 was published Jul 22, 2022
An issue was discovered in OSIsoft PI Coresight 2016 R2 and earlier versions, and PI Web API 2016... High Unreviewed
CVE-2017-5153 was published May 17, 2022
An issue was discovered in Moxa MiiNePort E1 versions prior to 1.8, E2 versions prior to 1.4, and... High Unreviewed
CVE-2016-9344 was published May 17, 2022
MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8... High Unreviewed
CVE-2015-8977 was published May 17, 2022
django-anymail Includes Sensitive Information in Log Files High
CVE-2018-1000089 was published for django-anymail (pip) May 14, 2022
westonsteimel
Information Exposure Through Log Files vulnerability discovered in Foundry when logs were... High Unreviewed
CVE-2022-27895 was published Nov 16, 2022
Information Exposure Through Log Files vulnerability discovered in Foundry Code-Workbooks where... High Unreviewed
CVE-2022-27896 was published Nov 15, 2022
VMware vCenter Server (6.7.x prior to 6.7 U3, 6.5 prior to 6.5 U3 and 6.0 prior to 6.0 U3j)... High Unreviewed
CVE-2019-5532 was published May 24, 2022
Cloud Foundry SMB Volume, versions prior to v2.0.3, accidentally outputs sensitive information to... High Unreviewed
CVE-2019-11283 was published May 24, 2022
cPanel before 88.0.3 has weak permissions (world readable) for the proxy subdomains log file (SEC... High Unreviewed
CVE-2020-26106 was published May 24, 2022
The easy-wp-smtp plugin before 1.4.4 for WordPress allows Administrator account takeover, as... High Unreviewed
CVE-2020-35234 was published May 24, 2022
Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.20, 9.2.1.13, 9.3.0.6, and 9.4.0... High Unreviewed
CVE-2022-34369 was published Sep 3, 2022
ProTip! Advisories are also available from the GraphQL API