GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
90 advisories
Filter by severity
Sensitive Data Exposure in sequelize-cli
Low
GHSA-3xc7-xg67-pw99
was published
for
sequelize-cli
(npm)
Jun 5, 2019
Log injection in SimpleSAMLphp
Low
CVE-2020-5225
was published
for
simplesamlphp/simplesamlphp
(Composer)
Jan 24, 2020
Information Disclosure in go.elastic.co/apm
Low
CVE-2021-22133
was published
for
go.elastic.co/apm
(Go)
May 18, 2021
In OnMetadataChangedListener of AdvancedBluetoothDetailsHeaderController.java, there is a...
Low
Unreviewed
CVE-2021-0991
was published
Dec 16, 2021
In M-Files Server product with versions before 21.11.10775.0, enabling logging of Federated...
Low
Unreviewed
CVE-2021-41808
was published
Jan 19, 2022
Information Exposure vulnerability in Galaxy Watch3 Plugin prior to version 2.2.09.22012751...
Low
Unreviewed
CVE-2022-25830
was published
Mar 11, 2022
Information Exposure vulnerability in Watch Active2 Plugin prior to version 2.2.08.22012751...
Low
Unreviewed
CVE-2022-25829
was published
Mar 11, 2022
Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.22012751 allows...
Low
Unreviewed
CVE-2022-25827
was published
Mar 11, 2022
Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.220126741...
Low
Unreviewed
CVE-2022-25823
was published
Mar 11, 2022
Information Exposure vulnerability in Watch Active Plugin prior to version 2.2.07.22012751 allows...
Low
Unreviewed
CVE-2022-25828
was published
Mar 11, 2022
Information Exposure vulnerability in Galaxy S3 Plugin prior to version 2.2.03.22012751 allows...
Low
Unreviewed
CVE-2022-25826
was published
Mar 11, 2022
Sensitive parameter values captured in build metadata files by Jenkins Parameterized Trigger Plugin
Low
CVE-2022-27195
was published
for
org.jenkins-ci.plugins:parameterized-trigger
(Maven)
Mar 16, 2022
In ArrayMap, there is a possible leak of the content of SMS messages due to log information...
Low
Unreviewed
CVE-2021-39739
was published
Mar 31, 2022
Missing sanitization of logged exception messages in all versions prior to 14.7.7, 14.8 prior to...
Low
Unreviewed
CVE-2022-1157
was published
Apr 12, 2022
The destroy_one_secret function in nm-setting-vpn.c in libnm-util in the NetworkManager package 0...
Low
Unreviewed
CVE-2011-1943
was published
May 13, 2022
The commandline package update tool zypper writes HTTP proxy credentials into its logfile,...
Low
Unreviewed
CVE-2017-9271
was published
May 13, 2022
(1) impl_db2.py and (2) impl_mongodb.py in OpenStack Ceilometer 2013.2 and earlier, when the...
Low
Unreviewed
CVE-2013-6384
was published
May 13, 2022
IBM QRadar 7.3 stores potentially sensitive information in log files that could be read by a...
Low
Unreviewed
CVE-2017-1733
was published
May 13, 2022
Jenkins SSH Agent Plugin exposes SSH private key password to users with permission to read the build log
Low
CVE-2018-1999036
was published
for
org.jenkins-ci.plugins:ssh-agent
(Maven)
May 13, 2022
The LinuxMagic MagicSpam extension before 2.0.14-1 for Plesk allows local users to discover...
Low
Unreviewed
CVE-2018-5693
was published
May 14, 2022
IBM Tivoli Endpoint Manager - Mobile Device Management (MDM) stores potentially sensitive...
Low
Unreviewed
CVE-2016-0296
was published
May 17, 2022
IBM BigFix Remote Control before 9.1.3 allows local users to obtain sensitive information by...
Low
Unreviewed
CVE-2016-2943
was published
May 17, 2022
The ovirt-engine-provisiondb utility in Red Hat Enterprise Virtualization (RHEV) Engine 4.0...
Low
Unreviewed
CVE-2016-5432
was published
May 17, 2022
IBM Robotic Process Automation with Automation Anywhere 11 information disclosure could allow a...
Low
Unreviewed
CVE-2019-4296
was published
May 24, 2022
cPanel before 67.9999.103 allows Apache HTTP Server log files to become world-readable because of...
Low
Unreviewed
CVE-2017-18412
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API