GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
602 advisories
Filter by severity
Information Exposure vulnerability in Galaxy S3 Plugin prior to version 2.2.03.22012751 allows...
Low
Unreviewed
CVE-2022-25826
was published
Mar 11, 2022
Information Exposure vulnerability in Galaxy Watch3 Plugin prior to version 2.2.09.22012751...
Low
Unreviewed
CVE-2022-25830
was published
Mar 11, 2022
A vulnerability has been identified in Climatix POL909 (AWB module) (All versions < V11.44),...
Moderate
Unreviewed
CVE-2021-41543
was published
Mar 9, 2022
The CorreosExpress WordPress plugin through 2.6.0 generates log files which are publicly...
Moderate
Unreviewed
CVE-2021-25009
was published
Mar 8, 2022
HashiCorp Terraform Enterprise before 202202-1 inserts Sensitive Information into a Log File.
High
Unreviewed
CVE-2022-25374
was published
Feb 26, 2022
VMware Cloud Foundation contains an information disclosure vulnerability due to logging of...
Moderate
Unreviewed
CVE-2022-22939
was published
Feb 11, 2022
A vulnerability in the audit log of Cisco DNA Center could allow an authenticated, local attacker...
Moderate
Unreviewed
CVE-2022-20630
was published
Feb 11, 2022
An information exposure through log file vulnerability exists in the Palo Alto Networks...
Moderate
Unreviewed
CVE-2022-0021
was published
Feb 11, 2022
Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain a sensitive information disclosure...
High
Unreviewed
CVE-2021-36289
was published
Jan 27, 2022
In M-Files Server product with versions before 21.11.10775.0, enabling logging of Federated...
Low
Unreviewed
CVE-2021-41808
was published
Jan 19, 2022
In Stormshield SSO Agent 2.x before 2.1.1 and 3.x before 3.0.2, the cleartext user password and...
Moderate
Unreviewed
CVE-2022-22703
was published
Jan 18, 2022
IBM Sterling Gentran:Server for Microsoft Windows 5.3 stores potentially sensitive information in...
Moderate
Unreviewed
CVE-2021-39032
was published
Jan 15, 2022
SAP Business One - version 10.0, extended log stores information that can be of a sensitive...
Moderate
Unreviewed
CVE-2021-44234
was published
Jan 15, 2022
Docker Desktop version 4.3.0 and 4.3.1 has a bug that may log sensitive information (access token...
Moderate
Unreviewed
CVE-2021-45449
was published
Jan 13, 2022
A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C (All versions <...
High
Unreviewed
CVE-2021-45034
was published
Jan 12, 2022
Dell EMC Avamar versions 18.2,19.1,19.2,19.3,19.4 contain a plain-text password storage...
Moderate
Unreviewed
CVE-2021-36318
was published
Dec 22, 2021
In OnMetadataChangedListener of AdvancedBluetoothDetailsHeaderController.java, there is a...
Low
Unreviewed
CVE-2021-0991
was published
Dec 16, 2021
In handleUpdateNetworkState of GnssNetworkConnectivityHandler.java , there is a possible APN...
Moderate
Unreviewed
CVE-2021-0997
was published
Dec 16, 2021
Mattermost 6.0.2 and earlier fails to sufficiently sanitize user's password in audit logs when...
High
Unreviewed
CVE-2021-37861
was published
Dec 10, 2021
SYNEL - eharmonynew / Synel Reports - The attacker can log in to the system with default...
Moderate
Unreviewed
CVE-2021-36718
was published
Dec 9, 2021
Wipro Holmes Orchestrator 20.4.1 (20.4.1_02_11_2020) allows remote attackers to read application...
High
Unreviewed
CVE-2021-38283
was published
Nov 30, 2021
Sensitive information could be logged. The following products are affected: Acronis Agent ...
High
Unreviewed
CVE-2021-34800
was published
Nov 30, 2021
Dell PowerScale OneFS version 8.1.2 contains a sensitive information exposure vulnerability. This...
Moderate
Unreviewed
CVE-2021-21561
was published
Nov 24, 2021
Dell EMC SCG 5.00.00.10 and earlier, contain a sensitive information disclosure vulnerability. A...
Moderate
Unreviewed
CVE-2021-36340
was published
Nov 21, 2021
A flaw was divered in Puppet Enterprise and other Puppet products where sensitive plan parameters...
Moderate
Unreviewed
CVE-2021-27026
was published
Nov 19, 2021
ProTip!
Advisories are also available from the
GraphQL API