GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories (all reviewed: 5,000+): Composer 4,262; Erlang 31; GitHub Actions 21; Go 2,030; Maven 5,000+; npm 3,732; NuGet 662; pip 3,409; Pub 12; RubyGems 891; Rust 865; Swift 36
Unreviewed advisories (all unreviewed: 5,000+)
746 advisories

Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway...
High | Unreviewed | CVE-2022-20806 was published May 28, 2022

Sensitive information exposure in Sign-in log in Samsung Account prior to version 13.2.00.6...
Moderate | Unreviewed | CVE-2022-30733 was published Jun 8, 2022

Sensitive information exposure vulnerability in FmmExtraOperation of Find My Mobile prior to 7.2...
Low | Unreviewed | CVE-2022-30742 was published Jun 8, 2022

Impala sessions use a 16 byte secret to verify that the session is not being hijacked by another...
High | Unreviewed | CVE-2021-28131 was published May 24, 2022

Riverbed AppResponse 11.8.0, 11.8.5, 11.8.5a, 11.9.0, 11.9.0a, 11.10.0, 11.11.0, 11.11.0a, 11.11...
High | Unreviewed | CVE-2021-43271 was published Jun 4, 2022

Couchbase Server 6.6.x through 7.x before 7.0.4 exposes Sensitive Information to an Unauthorized...
Moderate | Unreviewed | CVE-2022-32193 was published Jun 14, 2022

Multiple vulnerabilities in the web-based management interface of Cisco Business Process...
Moderate | Unreviewed | CVE-2021-1576 was published May 24, 2022

Sensitive information exposure vulnerability in SimChangeAlertManger of Find My Mobile prior to 7...
Low | Unreviewed | CVE-2022-30741 was published Jun 8, 2022

Windows Desired State Configuration (DSC) Information Disclosure Vulnerability.
Moderate | Unreviewed | CVE-2022-30148 was published Jun 16, 2022

An issue was discovered in Couchbase Server before 7.0.4. The Backup Service log leaks unredacted...
High | Unreviewed | CVE-2022-32565 was published Jun 14, 2022

rsyslog uses weak permissions for generating log files, which allows local users to obtain...
Moderate | Unreviewed | CVE-2015-3243 was published May 17, 2022

Weave GitOps leaked cluster credentials into logs on connection errors
Critical | CVE-2022-31098 was published for github.com/weaveworks/weave-gitops (Go) Jun 23, 2022

On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from "Switch Info" log...
Critical | Unreviewed | CVE-2017-8075 was published May 17, 2022

A vulnerability in the logging component of Cisco TelePresence Collaboration Endpoint (CE) and...
Moderate | Unreviewed | CVE-2022-20768 was published Jul 7, 2022

ZXMP M721 has an information leak vulnerability. Since the serial port authentication on the...
High | Unreviewed | CVE-2022-23141 was published Jul 16, 2022

Exposure of Sensitive Information in telephony-common.jar prior to SMR Jul-2022 Release 1 allows...
Low | Unreviewed | CVE-2022-33687 was published Jul 13, 2022

Sensitive information exposure vulnerability in EventType in SecTelephonyProvider prior to SMR...
Low | Unreviewed | CVE-2022-33688 was published Jul 13, 2022

An issue was discovered in Couchbase Server 7.x before 7.0.4. Field names are not redacted in...
Moderate | Unreviewed | CVE-2022-33911 was published Jul 13, 2022

IBM Cognos Server 10.1.1 and 10.2 stores highly sensitive information in log files that could be...
Moderate | Unreviewed | CVE-2016-9985 was published May 17, 2022

On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from "SEND data" log...
Critical | Unreviewed | CVE-2017-8074 was published May 17, 2022

Exposure of Sensitive Information in CID Manager prior to SMR Jul-2022 Release 1 allows local...
Low | Unreviewed | CVE-2022-33693 was published Jul 13, 2022

Sensitive information exposure vulnerability in ImsServiceSwitchBase in ImsCore prior to SMR Jul...
Low | Unreviewed | CVE-2022-33697 was published Jul 13, 2022

Log files generated by Lenovo XClarity Administrator (LXCA) versions earlier than 1.2.2 may...
Critical | Unreviewed | CVE-2016-8233 was published May 17, 2022

An issue was discovered in Moxa EDR-810 Industrial Secure Router. By accessing a specific uniform...
High | Unreviewed | CVE-2016-8346 was published May 17, 2022

An issue was discovered on SendQuick Entera and Avera devices before 2HF16. An attacker could...
Moderate | Unreviewed | CVE-2017-5137 was published May 17, 2022

ProTip! Advisories are also available from the GraphQL API