GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,946
Composer 4,273
Erlang 31
GitHub Actions 21
Go 2,056
Maven 5,235
npm 3,739
NuGet 668
pip 3,417
Pub 12
RubyGems 891
Rust 872
Swift 36

Unreviewed advisories

All unreviewed 238,567

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

602 advisories

Filter by severity

Sort by

Least recently updated

Sensitive Data Exposure in Openshift Container Platform Moderate Unreviewed

CVE-2019-10213 was published May 17, 2021

Information Disclosure in OpenShift Container Platform Moderate Unreviewed

CVE-2020-10712 was published May 25, 2021

A flaw was divered in Puppet Enterprise and other Puppet products where sensitive plan parameters... Moderate Unreviewed

CVE-2021-27026 was published Nov 19, 2021

Dell EMC SCG 5.00.00.10 and earlier, contain a sensitive information disclosure vulnerability. A... Moderate Unreviewed

CVE-2021-36340 was published Nov 21, 2021

Dell PowerScale OneFS version 8.1.2 contains a sensitive information exposure vulnerability. This... Moderate Unreviewed

CVE-2021-21561 was published Nov 24, 2021

Sensitive information could be logged. The following products are affected: Acronis Agent ... High Unreviewed

CVE-2021-34800 was published Nov 30, 2021

Wipro Holmes Orchestrator 20.4.1 (20.4.1_02_11_2020) allows remote attackers to read application... High Unreviewed

CVE-2021-38283 was published Nov 30, 2021

SYNEL - eharmonynew / Synel Reports - The attacker can log in to the system with default... Moderate Unreviewed

CVE-2021-36718 was published Dec 9, 2021

Mattermost 6.0.2 and earlier fails to sufficiently sanitize user's password in audit logs when... High Unreviewed

CVE-2021-37861 was published Dec 10, 2021

In handleUpdateNetworkState of GnssNetworkConnectivityHandler.java , there is a possible APN... Moderate Unreviewed

CVE-2021-0997 was published Dec 16, 2021

In OnMetadataChangedListener of AdvancedBluetoothDetailsHeaderController.java, there is a... Low Unreviewed

CVE-2021-0991 was published Dec 16, 2021

Dell EMC Avamar versions 18.2,19.1,19.2,19.3,19.4 contain a plain-text password storage... Moderate Unreviewed

CVE-2021-36318 was published Dec 22, 2021

A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C (All versions <... High Unreviewed

CVE-2021-45034 was published Jan 12, 2022

Docker Desktop version 4.3.0 and 4.3.1 has a bug that may log sensitive information (access token... Moderate Unreviewed

CVE-2021-45449 was published Jan 13, 2022

SAP Business One - version 10.0, extended log stores information that can be of a sensitive... Moderate Unreviewed

CVE-2021-44234 was published Jan 15, 2022

IBM Sterling Gentran:Server for Microsoft Windows 5.3 stores potentially sensitive information in... Moderate Unreviewed

CVE-2021-39032 was published Jan 15, 2022

In Stormshield SSO Agent 2.x before 2.1.1 and 3.x before 3.0.2, the cleartext user password and... Moderate Unreviewed

CVE-2022-22703 was published Jan 18, 2022

In M-Files Server product with versions before 21.11.10775.0, enabling logging of Federated... Low Unreviewed

CVE-2021-41808 was published Jan 19, 2022

Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain a sensitive information disclosure... High Unreviewed

CVE-2021-36289 was published Jan 27, 2022

A vulnerability in the audit log of Cisco DNA Center could allow an authenticated, local attacker... Moderate Unreviewed

CVE-2022-20630 was published Feb 11, 2022

An information exposure through log file vulnerability exists in the Palo Alto Networks... Moderate Unreviewed

CVE-2022-0021 was published Feb 11, 2022

VMware Cloud Foundation contains an information disclosure vulnerability due to logging of... Moderate Unreviewed

CVE-2022-22939 was published Feb 11, 2022

HashiCorp Terraform Enterprise before 202202-1 inserts Sensitive Information into a Log File. High Unreviewed

CVE-2022-25374 was published Feb 26, 2022

The CorreosExpress WordPress plugin through 2.6.0 generates log files which are publicly... Moderate Unreviewed

CVE-2021-25009 was published Mar 8, 2022

A vulnerability has been identified in Climatix POL909 (AWB module) (All versions < V11.44),... Moderate Unreviewed

CVE-2021-41543 was published Mar 9, 2022

Previous 1 2 3 4 5 … 24 25 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

602 advisories