Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,293
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,744
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

175 advisories

Loading
An issue was discovered in Devolutions Server before 2020.3. There is an exposure of sensitive... High Unreviewed
CVE-2021-23924 was published May 24, 2022
Information disclosure in aspx pages in MV's IDCE application v1.0 allows an attacker to copy and... High Unreviewed
CVE-2020-23284 was published May 24, 2022
An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n where the admin... High Unreviewed
CVE-2020-21933 was published May 24, 2022
Dell EMC Data Protection Search, 19.4 and prior, and IDPA, 2.6.1 and prior, contain an... High Unreviewed
CVE-2021-21601 was published May 24, 2022
The vRealize Operations Manager API (8.x prior to 8.5) contains an arbitrary log-file read... High Unreviewed
CVE-2021-22024 was published May 24, 2022
An information disclosure vulnerability exists in Draytek VigorConnect 1.6.0-B3, allowing an... High Unreviewed
CVE-2021-20129 was published May 24, 2022
Brocade SANnav before version 2.1.1 logs account credentials at the ‘trace’ logging level. High Unreviewed
CVE-2020-15380 was published May 24, 2022
In Ericsson Network Manager (ENM) releases before 21.2, users belonging to the same AMOS... High Unreviewed
CVE-2021-32570 was published Aug 27, 2022
The DeepL Pro API translation plugin WordPress plugin before 1.7.5 discloses sensitive... High Unreviewed
CVE-2022-3691 was published Nov 21, 2022
A flaw was found in KeePass. The vulnerability occurs due to logging the plain text passwords in... High Unreviewed
CVE-2022-0725 was published Mar 11, 2022
HashiCorp Terraform Enterprise before 202202-1 inserts Sensitive Information into a Log File. High Unreviewed
CVE-2022-25374 was published Feb 26, 2022
aria2c in aria2 1.33.1, when --log is used, can store an HTTP Basic Authentication username and... High Unreviewed
CVE-2019-3500 was published May 13, 2022
Moxa Secure Router EDR-G903 devices before 3.4.12 do not delete copies of configuration and log... High Unreviewed
CVE-2016-0879 was published May 13, 2022
Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to read configuration... High Unreviewed
CVE-2016-0875 was published May 13, 2022
Information Exposure in Snyk Broker High
CVE-2020-7654 was published for snyk-broker (npm) Jun 3, 2020
An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v250 and CAPI... High Unreviewed
CVE-2016-9882 was published May 13, 2022
Micro Focus Solutions Business Manager versions prior to 11.4 might reveal certain sensitive... High Unreviewed
CVE-2018-7683 was published May 13, 2022
It was discovered that a world-readable log file belonging to Candlepin component of Red Hat... High Unreviewed
CVE-2019-3891 was published May 13, 2022
A password management issue exists where the Organization authentication username and password... High Unreviewed
CVE-2019-0032 was published May 13, 2022
A sensitive data disclosure flaw was found in the Elasticsearch repository-azure (formerly... High Unreviewed
CVE-2018-3827 was published May 13, 2022
In NOKIA 1350 OMS R14.2, an Insertion of Sensitive Information into an Application Log File... High Unreviewed
CVE-2022-39821 was published Sep 14, 2022
Sensitive information disclosure via log in com.bmuschko:gradle-vagrant-plugin High
CVE-2021-21361 was published for com.bmuschko:gradle-vagrant-plugin (Maven) Mar 9, 2021
britter
Cloud Foundry NFS volume release, 1.2.x prior to 1.2.5, 1.5.x prior to 1.5.4, 1.7.x prior to 1.7... High Unreviewed
CVE-2018-15797 was published May 13, 2022
Under certain conditions SAP HANA Extended Application Services, version 1.0, advanced model (XS... High Unreviewed
CVE-2019-0266 was published May 13, 2022
Sensitive information could be logged. The following products are affected: Acronis Agent ... High Unreviewed
CVE-2021-34800 was published Nov 30, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database