Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,811
Erlang
36
GitHub Actions
32
Go
2,396
Maven
5,000+
npm
4,033
NuGet
721
pip
3,824
Pub
12
RubyGems
932
Rust
988
Swift
38
Unreviewed advisories
All unreviewed
5,000+

527 advisories

Loading
IBM MQ Internet Pass-Thru 2.1, 9.2 LTS and 9.2 CD stores potentially sensitive information in... Moderate Unreviewed
CVE-2022-35719 was published Nov 14, 2022
IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.6.0 stores potentially sensitive... Moderate Unreviewed
CVE-2021-39011 was published Jan 20, 2023
The installation component in IBM Rational Asset Analyzer (RAA) 6.1.0 before FP10 allows local... Moderate Unreviewed
CVE-2016-5967 was published May 17, 2022
IBM BigFix Remote Control before 9.1.3 allows remote authenticated users to obtain sensitive... Moderate Unreviewed
CVE-2016-2928 was published May 17, 2022
IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 stores potentially sensitive information in in log... Moderate Unreviewed
CVE-2016-8912 was published May 17, 2022
VMware vRealize Operations contains an information disclosure vulnerability. A low-privileged... Moderate Unreviewed
CVE-2022-31674 was published Aug 11, 2022
In JetBrains TeamCity before 2022.04.2 the private SSH key could be written to the build log in... Moderate Unreviewed
CVE-2022-36321 was published Jul 21, 2022
IBM Cognos Server 10.1.1 and 10.2 stores highly sensitive information in log files that could be... Moderate Unreviewed
CVE-2016-9985 was published May 17, 2022
An issue was discovered in Couchbase Server 7.x before 7.0.4. Field names are not redacted in... Moderate Unreviewed
CVE-2022-33911 was published Jul 13, 2022
A vulnerability in the logging component of Cisco TelePresence Collaboration Endpoint (CE) and... Moderate Unreviewed
CVE-2022-20768 was published Jul 7, 2022
rsyslog uses weak permissions for generating log files, which allows local users to obtain... Moderate Unreviewed
CVE-2015-3243 was published May 17, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Business Process... Moderate Unreviewed
CVE-2021-1576 was published May 24, 2022
Couchbase Server 6.6.x through 7.x before 7.0.4 exposes Sensitive Information to an Unauthorized... Moderate Unreviewed
CVE-2022-32193 was published Jun 14, 2022
Sensitive information exposure in Sign-in log in Samsung Account prior to version 13.2.00.6... Moderate Unreviewed
CVE-2022-30733 was published Jun 8, 2022
Exposure of Sensitive Information in Gradle publish plugin Moderate
CVE-2020-7599 was published for com.gradle.plugin-publish:com.gradle.plugin-publish.gradle.plugin (Maven) May 24, 2022
Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway... Moderate Unreviewed
CVE-2022-20809 was published May 27, 2022
In Octopus Deploy versions 2018.8.4 to 2019.7.6, when a web request proxy is configured, an... Moderate Unreviewed
CVE-2019-15507 was published May 24, 2022
Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway... Moderate Unreviewed
CVE-2022-20807 was published May 28, 2022
Insertion of Sensitive Information into Log File in Jenkins Mask Passwords Plugin Moderate
CVE-2019-10370 was published for org.jenkins-ci.plugins:mask-passwords (Maven) May 24, 2022
In Octopus Tentacle versions 3.0.8 to 5.0.0, when a web request proxy is configured, an... Moderate Unreviewed
CVE-2019-15508 was published May 24, 2022
Insertion of Sensitive Information into Log File in Elasticsearch Moderate
CVE-2020-7021 was published for org.elasticsearch:elasticsearch (Maven) May 24, 2022
Under certain conditions, the SAP Host Agent logfile shows information which would otherwise be... Moderate Unreviewed
CVE-2022-28774 was published May 12, 2022
In CMDBuild from version 3.0 to 3.3.2 payload requests are saved in a temporary log table, which... Moderate Unreviewed
CVE-2022-25518 was published Mar 24, 2022
Insertion of Sensitive Information into Log File in ansible Moderate
CVE-2021-20180 was published for ansible (pip) Mar 17, 2022
LunaBorowska
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.856 through 0.9.8.864 allows an attacker to... Moderate Unreviewed
CVE-2019-14782 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database