Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+

175 advisories

Loading
An issue was discovered in Couchbase Server before 7.0.4. A private key is leaked to the log... High Unreviewed
CVE-2022-32556 was published Jul 22, 2022
ZXMP M721 has an information leak vulnerability. Since the serial port authentication on the... High Unreviewed
CVE-2022-23141 was published Jul 16, 2022
The OpenVPN Access Server installer creates a log file readable for everyone, which from version... High Unreviewed
CVE-2022-33737 was published Jul 7, 2022
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). A... High Unreviewed
CVE-2022-32254 was published Jun 15, 2022
An issue was discovered in Couchbase Server before 7.0.4. The Backup Service log leaks unredacted... High Unreviewed
CVE-2022-32565 was published Jun 14, 2022
Riverbed AppResponse 11.8.0, 11.8.5, 11.8.5a, 11.9.0, 11.9.0a, 11.10.0, 11.11.0, 11.11.0a, 11.11... High Unreviewed
CVE-2021-43271 was published Jun 4, 2022
Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway... High Unreviewed
CVE-2022-20806 was published May 28, 2022
Brocade SANnav before version 2.1.1 logs account credentials at the ‘trace’ logging level. High Unreviewed
CVE-2020-15380 was published May 24, 2022
An information disclosure vulnerability exists in Draytek VigorConnect 1.6.0-B3, allowing an... High Unreviewed
CVE-2021-20129 was published May 24, 2022
The vRealize Operations Manager API (8.x prior to 8.5) contains an arbitrary log-file read... High Unreviewed
CVE-2021-22024 was published May 24, 2022
Certain NetModule devices allow credentials via GET parameters to CLI-PHP. These models with... High Unreviewed
CVE-2021-39291 was published May 24, 2022
Dell EMC Data Protection Search, 19.4 and prior, and IDPA, 2.6.1 and prior, contain an... High Unreviewed
CVE-2021-21601 was published May 24, 2022
Impala sessions use a 16 byte secret to verify that the session is not being hijacked by another... High Unreviewed
CVE-2021-28131 was published May 24, 2022
An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n where the admin... High Unreviewed
CVE-2020-21933 was published May 24, 2022
Information disclosure in aspx pages in MV's IDCE application v1.0 allows an attacker to copy and... High Unreviewed
CVE-2020-23284 was published May 24, 2022
Insertion of Sensitive Information into Log File vulnerability in Micro Focus Secure API Manager ... High Unreviewed
CVE-2021-22516 was published May 24, 2022
Vault GitHub Action did not correctly mask multi-line secrets in output High
CVE-2021-32074 was published for hashicorp/vault-action (GitHub Actions) May 24, 2022
tdunlap607 Gentoli
An issue was discovered in Devolutions Server before 2020.3. There is an exposure of sensitive... High Unreviewed
CVE-2021-23924 was published May 24, 2022
A vulnerability in a diagnostic command for the Plug-and-Play (PnP) subsystem of Cisco IOS XE... High Unreviewed
CVE-2021-1442 was published May 24, 2022
The easy-wp-smtp plugin before 1.4.4 for WordPress allows Administrator account takeover, as... High Unreviewed
CVE-2020-35234 was published May 24, 2022
cPanel before 88.0.3 has weak permissions (world readable) for the proxy subdomains log file (SEC... High Unreviewed
CVE-2020-26106 was published May 24, 2022
A vulnerability in the audit logging component of Cisco Digital Network Architecture (DNA) Center... High Unreviewed
CVE-2020-3281 was published May 24, 2022
TODO DODO High Unreviewed
CVE-2019-18193 was published May 24, 2022
An issue was discovered on TerraMaster FS-210 4.0.19 devices. An unauthenticated attacker can... High Unreviewed
CVE-2019-18385 was published May 24, 2022
Cloud Foundry SMB Volume, versions prior to v2.0.3, accidentally outputs sensitive information to... High Unreviewed
CVE-2019-11283 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database