GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
602 advisories
Filter by severity
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.856 through 0.9.8.864 allows an attacker to...
Moderate
Unreviewed
CVE-2019-14782
was published
May 24, 2022
In CMDBuild from version 3.0 to 3.3.2 payload requests are saved in a temporary log table, which...
Moderate
Unreviewed
CVE-2022-25518
was published
Mar 24, 2022
Wipro Holmes Orchestrator 20.4.1 (20.4.1_02_11_2020) allows remote attackers to read application...
High
Unreviewed
CVE-2021-38283
was published
Nov 30, 2021
In ArrayMap, there is a possible leak of the content of SMS messages due to log information...
Low
Unreviewed
CVE-2021-39739
was published
Mar 31, 2022
TPCMS v3.2 allows attackers to access the ThinkPHP log directory and obtain sensitive information...
High
Unreviewed
CVE-2022-27442
was published
Apr 5, 2022
An issue was discovered in HTCondor 9.0.x before 9.0.10 and 9.1.x before 9.5.1. An attacker can...
High
Unreviewed
CVE-2021-45103
was published
Apr 7, 2022
Missing sanitization of logged exception messages in all versions prior to 14.7.7, 14.8 prior to...
Low
Unreviewed
CVE-2022-1157
was published
Apr 12, 2022
Under certain conditions, the SAP Host Agent logfile shows information which would otherwise be...
Moderate
Unreviewed
CVE-2022-28774
was published
May 12, 2022
Exposure of Sensitive Information in FaqSymptomCardViewModel in Samsung Members prior to versions...
Low
Unreviewed
CVE-2022-36877
was published
Sep 10, 2022
In Octopus Tentacle versions 3.0.8 to 5.0.0, when a web request proxy is configured, an...
Moderate
Unreviewed
CVE-2019-15508
was published
May 24, 2022
Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway...
Moderate
Unreviewed
CVE-2022-20807
was published
May 28, 2022
In Octopus Deploy versions 2018.8.4 to 2019.7.6, when a web request proxy is configured, an...
Moderate
Unreviewed
CVE-2019-15507
was published
May 24, 2022
Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway...
Moderate
Unreviewed
CVE-2022-20809
was published
May 27, 2022
Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway...
High
Unreviewed
CVE-2022-20806
was published
May 28, 2022
Sensitive information exposure in Sign-in log in Samsung Account prior to version 13.2.00.6...
Moderate
Unreviewed
CVE-2022-30733
was published
Jun 8, 2022
Sensitive information exposure vulnerability in FmmExtraOperation of Find My Mobile prior to 7.2...
Low
Unreviewed
CVE-2022-30742
was published
Jun 8, 2022
Impala sessions use a 16 byte secret to verify that the session is not being hijacked by another...
High
Unreviewed
CVE-2021-28131
was published
May 24, 2022
Riverbed AppResponse 11.8.0, 11.8.5, 11.8.5a, 11.9.0, 11.9.0a, 11.10.0, 11.11.0, 11.11.0a, 11.11...
High
Unreviewed
CVE-2021-43271
was published
Jun 4, 2022
Couchbase Server 6.6.x through 7.x before 7.0.4 exposes Sensitive Information to an Unauthorized...
Moderate
Unreviewed
CVE-2022-32193
was published
Jun 14, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Business Process...
Moderate
Unreviewed
CVE-2021-1576
was published
May 24, 2022
Windows Desired State Configuration (DSC) Information Disclosure Vulnerability.
Moderate
Unreviewed
CVE-2022-30148
was published
Jun 16, 2022
Sensitive information exposure vulnerability in SimChangeAlertManger of Find My Mobile prior to 7...
Low
Unreviewed
CVE-2022-30741
was published
Jun 8, 2022
An issue was discovered in Couchbase Server before 7.0.4. The Backup Service log leaks unredacted...
High
Unreviewed
CVE-2022-32565
was published
Jun 14, 2022
rsyslog uses weak permissions for generating log files, which allows local users to obtain...
Moderate
Unreviewed
CVE-2015-3243
was published
May 17, 2022
On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from "Switch Info" log...
Critical
Unreviewed
CVE-2017-8075
was published
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API