Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,293
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,744
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

440 advisories

Loading
Cloud Foundry Cloud Controller (CAPI), versions prior to 1.91.0, logs properties of background... Moderate Unreviewed
CVE-2020-5400 was published May 24, 2022
Brocade Fabric OS Versions before v8.2.2a and v8.2.1d could expose the credentials of the remote... Moderate Unreviewed
CVE-2019-16203 was published May 24, 2022
Brocade Fabric OS Versions before v7.4.2f, v8.2.2a, v8.1.2j and v8.2.1d could expose external... Moderate Unreviewed
CVE-2019-16204 was published May 24, 2022
Brocade SANnav versions before v2.0, logs plain text database connection password while... Moderate Unreviewed
CVE-2019-16210 was published May 24, 2022
A flaw was found in the JBoss EAP Vault system in all versions before 7.2.6.GA. Confidential... Moderate Unreviewed
CVE-2019-14885 was published May 24, 2022
A local disclosure of sensitive information vulnerability was discovered in HPE OneView version(s... Moderate Unreviewed
CVE-2022-28625 was published Sep 1, 2022
Swann SWWHD-INTCAM-HD devices leave the PSK in logs after a factory reset. Moderate Unreviewed
CVE-2018-20956 was published May 24, 2022
In Accounts, there is a possible way to write sensitive information to the system log due to... Moderate Unreviewed
CVE-2022-20278 was published Aug 13, 2022
A vulnerability in the web portal of Cisco Enterprise NFV Infrastructure Software (NFVIS) could... Moderate Unreviewed
CVE-2019-1953 was published May 24, 2022
A vulnerability in the logging component of Cisco Adaptive Security Device Manager (ASDM) could... Moderate Unreviewed
CVE-2022-20651 was published Jun 23, 2022
Brocade SANnav before v2.2.1 logs usernames and encoded passwords in debug-enabled logs. The... Moderate Unreviewed
CVE-2022-33187 was published Dec 9, 2022
IBM MQ Internet Pass-Thru 2.1, 9.2 LTS and 9.2 CD stores potentially sensitive information in... Moderate Unreviewed
CVE-2022-35719 was published Nov 14, 2022
IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.6.0 stores potentially sensitive... Moderate Unreviewed
CVE-2021-39011 was published Jan 20, 2023
The installation component in IBM Rational Asset Analyzer (RAA) 6.1.0 before FP10 allows local... Moderate Unreviewed
CVE-2016-5967 was published May 17, 2022
IBM BigFix Remote Control before 9.1.3 allows remote authenticated users to obtain sensitive... Moderate Unreviewed
CVE-2016-2928 was published May 17, 2022
A cleartext storage of sensitive information exists in Rocket.Chat <v4.6.4 due to Oauth token... Moderate Unreviewed
CVE-2022-32217 was published Sep 25, 2022
IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 stores potentially sensitive information in in log... Moderate Unreviewed
CVE-2016-8912 was published May 17, 2022
VMware vRealize Operations contains an information disclosure vulnerability. A low-privileged... Moderate Unreviewed
CVE-2022-31674 was published Aug 11, 2022
In JetBrains TeamCity before 2022.04.2 the private SSH key could be written to the build log in... Moderate Unreviewed
CVE-2022-36321 was published Jul 21, 2022
An issue was discovered on SendQuick Entera and Avera devices before 2HF16. An attacker could... Moderate Unreviewed
CVE-2017-5137 was published May 17, 2022
IBM Cognos Server 10.1.1 and 10.2 stores highly sensitive information in log files that could be... Moderate Unreviewed
CVE-2016-9985 was published May 17, 2022
An issue was discovered in Couchbase Server 7.x before 7.0.4. Field names are not redacted in... Moderate Unreviewed
CVE-2022-33911 was published Jul 13, 2022
A vulnerability in the logging component of Cisco TelePresence Collaboration Endpoint (CE) and... Moderate Unreviewed
CVE-2022-20768 was published Jul 7, 2022
rsyslog uses weak permissions for generating log files, which allows local users to obtain... Moderate Unreviewed
CVE-2015-3243 was published May 17, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Business Process... Moderate Unreviewed
CVE-2021-1576 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database