GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
34 advisories
Filter by severity
In the Rapid Gator application 0.7.1 for Android, the username and password are stored in the log...
Critical
Unreviewed
CVE-2019-17395
was published
May 24, 2022
In the Dark Horse Comics application 1.3.21 for Android, token information (equivalent to the...
Critical
Unreviewed
CVE-2019-17398
was published
May 24, 2022
In the PowerSchool Mobile application 1.1.8 for Android, the username and password are stored in...
Critical
Unreviewed
CVE-2019-17396
was published
May 24, 2022
In the Orbitz application 19.31.1 for Android, the username and password are stored in the log...
Critical
Unreviewed
CVE-2019-17355
was published
May 24, 2022
In the Seesaw Parent and Family application 6.2.5 for Android, the username and password are...
Critical
Unreviewed
CVE-2019-17394
was published
May 24, 2022
An issue was discovered in Gallagher Command Centre 8.10 before 8.10.1092(MR2). Upon an upgrade,...
Critical
Unreviewed
CVE-2019-15294
was published
May 24, 2022
Insertion of Sensitive Information into Log File vulnerability in Hitachi Virtual Storage...
Critical
Unreviewed
CVE-2022-36407
was published
Mar 25, 2024
Insertion of sensitive information in the centralized (Grafana) logging system in ProLion...
Critical
Unreviewed
CVE-2023-36649
was published
Dec 12, 2023
If Elastic Endpoint (v7.9.0 - v8.10.3) is configured to use a non-default option in which the...
Critical
Unreviewed
CVE-2023-46668
was published
Oct 26, 2023
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, and WebSafe 11.5...
Critical
Unreviewed
CVE-2017-6165
was published
May 17, 2022
Mahara Mobile before 1.2.1 is vulnerable to passwords being sent to the Mahara access log in...
Critical
Unreviewed
CVE-2017-1000171
was published
May 17, 2022
Ionic Team Cordova plugin iOS Keychain version before commit...
Critical
Unreviewed
CVE-2018-1000123
was published
May 14, 2022
An issue was discovered in Zoho ManageEngine Desktop Central before 100251. By leveraging access...
Critical
Unreviewed
CVE-2018-11717
was published
May 14, 2022
In Octopus Deploy 2018.4.4 through 2018.5.1, Octopus variables that are sourced from the target...
Critical
Unreviewed
CVE-2018-11320
was published
May 14, 2022
An issue was discovered in Zoho ManageEngine Desktop Central before 100230. There is...
Critical
Unreviewed
CVE-2018-11716
was published
May 14, 2022
An issue was discovered in GitLab Community and Enterprise Edition before 11.0.6, 11.1.x before...
Critical
Unreviewed
CVE-2018-16049
was published
May 14, 2022
Password exposure in Cognito Software Moneyworks 8.0.3 and earlier allows attackers to gain...
Critical
Unreviewed
CVE-2017-9615
was published
May 13, 2022
Juniper Networks CSO versions prior to 4.0.0 may log passwords in log files leading to an...
Critical
Unreviewed
CVE-2018-0042
was published
May 13, 2022
An issue was discovered in Pivotal PCF Elastic Runtime 1.6.x versions prior to 1.6.65, 1.7.x...
Critical
Unreviewed
CVE-2017-4955
was published
May 13, 2022
Before Thornberry NDoc version 8.0, laptop clients and the server have default database (Cache)...
Critical
Unreviewed
CVE-2017-15366
was published
May 13, 2022
A vulnerability in the AutoVNF tool for the Cisco Ultra Services Framework could allow an...
Critical
Unreviewed
CVE-2017-6709
was published
May 13, 2022
In the JDBC driver of NetIQ Identity Manager before 4.6 sending out incorrect XML configurations...
Critical
Unreviewed
CVE-2017-7434
was published
May 13, 2022
The NetIQ Identity Manager Oracle EBS driver before 4.0.2.0 sent EBS logs containing the driver...
Critical
Unreviewed
CVE-2017-9278
was published
May 13, 2022
Circontrol CirCarLife all versions prior to 4.3.1, the PAP credentials of the device are stored...
Critical
Unreviewed
CVE-2018-17922
was published
May 13, 2022
ovirt-engine before version ovirt 4.2.2 is vulnerable to an information exposure through log...
Critical
Unreviewed
CVE-2018-1072
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API