GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
346 advisories
IBM BigFix Compliance 1.7 through 1.9.91 (TEMA SUAv1 SCA SCM) stores sensitive information in URL...
Moderate
Unreviewed
CVE-2017-1198 was published May 13, 2022
IBM Security Access Manager Appliance 8.0.0 through 8.0.1.6, and 9.0.0 through 9.0.3.1 stores...
Moderate
Unreviewed
CVE-2017-1480 was published May 13, 2022
IBM WebSphere MQ 7.5, 8.0, and 9.0 through 9.0.4 could allow a local user to obtain highly...
Moderate
Unreviewed
CVE-2017-1795 was published May 13, 2022
Envoy Passport for Android and Envoy Passport for iPhone could allow a local attacker to obtain...
Moderate
Unreviewed
CVE-2018-17499 was published May 13, 2022
Drager Infinity Delta, Infinity Delta, all versions, Delta XL, all versions, Kappa, all version,...
Moderate
Unreviewed
CVE-2018-19014 was published May 13, 2022
The NetIQ Identity Manager driver log file, in versions prior to 4.7, provides details that could...
Moderate
Unreviewed
CVE-2018-1349 was published May 13, 2022
The NetIQ Identity Manager driver log file, in versions prior to 4.7, provides details that could...
Moderate
Unreviewed
CVE-2018-1350 was published May 13, 2022
IBM Spectrum Protect Server 7.1 and 8.1 could disclose highly sensitive information via trace...
Moderate
Unreviewed
CVE-2018-1788 was published May 13, 2022
IBM Robotic Process Automation with Automation Anywhere 11 could under certain cases, display the...
Moderate
Unreviewed
CVE-2018-1876 was published May 13, 2022
Improper input validator in Nextcloud Server prior to 12.0.3 and 11.0.5 could lead to an attacker...
Moderate
Unreviewed
CVE-2018-3776 was published May 13, 2022
On Juniper ATP, secret passphrase CLI inputs, such as "set mcm", are logged to /var/log/syslog in...
Moderate
Unreviewed
CVE-2019-0021 was published May 13, 2022
RSA Archer versions, prior to 6.5 SP1, contain an information exposure vulnerability. Users'...
Moderate
Unreviewed
CVE-2019-3715 was published May 13, 2022
The aoedisk_debugfs_show function in drivers/block/aoe/aoeblk.c in the Linux kernel through 4.16...
Moderate
Unreviewed
CVE-2018-7754 was published May 13, 2022
A plain keystore password is written to a system log file in SAP HANA Extended Application...
Moderate
Unreviewed
CVE-2018-2372 was published May 13, 2022
In System Management Module (SMM) versions prior to 1.06, the SMM records hashed passwords to a...
Moderate
Unreviewed
CVE-2018-16095 was published May 13, 2022
On Juniper ATP, the API key and the device key are logged in a file readable by authenticated...
Moderate
Unreviewed
CVE-2019-0004 was published May 13, 2022
Micro Focus Solutions Business Manager versions prior to 11.4 allows a user to invoke SBM RESTful...
Moderate
Unreviewed
CVE-2018-7682 was published May 13, 2022
An Information Exposure issue in the Terraform deployment step in Octopus Deploy before 2019.1.8 ...
Moderate
Unreviewed
CVE-2019-8944 was published May 13, 2022
In JetBrains TeamCity before 2022.04 leak of secrets in TeamCity agent logs was possible
Moderate
Unreviewed
CVE-2022-29928 was published May 13, 2022
Under certain conditions, the SAP Host Agent logfile shows information which would otherwise be...
Moderate
Unreviewed
CVE-2022-28774 was published May 12, 2022
An information exposure through log file vulnerability in Brocade SANNav versions before Brocade...
Moderate
Unreviewed
CVE-2022-28161 was published May 10, 2022
On F5 BIG-IP APM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x...
Moderate
Unreviewed
CVE-2022-27636 was published May 6, 2022
On F5 BIG-IP 15.1.x versions prior to 15.1.5.1 and 14.1.x versions prior to 14.1.4.6, when...
Moderate
Unreviewed
CVE-2022-28859 was published May 6, 2022
An access-control flaw was found in the OpenStack Orchestration (heat) service before 8.0.0, 6.1...
Moderate
Unreviewed
CVE-2017-2621 was published May 3, 2022
The log files in Apache web server contain information directly supplied by clients and does not...
Moderate
Unreviewed
CVE-2001-1556 was published Apr 30, 2022