GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
450 advisories
IBM BigFix Remote Control before 9.1.3 allows remote authenticated users to obtain sensitive...
Moderate | Unreviewed | CVE-2016-2928 was published May 17, 2022

The installation component in IBM Rational Asset Analyzer (RAA) 6.1.0 before FP10 allows local...
Moderate | Unreviewed | CVE-2016-5967 was published May 17, 2022

IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.6.0 stores potentially sensitive...
Moderate | Unreviewed | CVE-2021-39011 was published Jan 20, 2023

IBM MQ Internet Pass-Thru 2.1, 9.2 LTS and 9.2 CD stores potentially sensitive information in...
Moderate | Unreviewed | CVE-2022-35719 was published Nov 14, 2022

Brocade SANnav before v2.2.1 logs usernames and encoded passwords in debug-enabled logs. The...
Moderate | Unreviewed | CVE-2022-33187 was published Dec 9, 2022

A vulnerability in the logging component of Cisco Adaptive Security Device Manager (ASDM) could...
Moderate | Unreviewed | CVE-2022-20651 was published Jun 23, 2022

A vulnerability in the web portal of Cisco Enterprise NFV Infrastructure Software (NFVIS) could...
Moderate | Unreviewed | CVE-2019-1953 was published May 24, 2022

In Accounts, there is a possible way to write sensitive information to the system log due to...
Moderate | Unreviewed | CVE-2022-20278 was published Aug 13, 2022

Swann SWWHD-INTCAM-HD devices leave the PSK in logs after a factory reset.
Moderate | Unreviewed | CVE-2018-20956 was published May 24, 2022

A local disclosure of sensitive information vulnerability was discovered in HPE OneView version(s...
Moderate | Unreviewed | CVE-2022-28625 was published Sep 1, 2022

A flaw was found in the JBoss EAP Vault system in all versions before 7.2.6.GA. Confidential...
Moderate | Unreviewed | CVE-2019-14885 was published May 24, 2022

Brocade SANnav versions before v2.0, logs plain text database connection password while...
Moderate | Unreviewed | CVE-2019-16210 was published May 24, 2022

Brocade Fabric OS Versions before v7.4.2f, v8.2.2a, v8.1.2j and v8.2.1d could expose external...
Moderate | Unreviewed | CVE-2019-16204 was published May 24, 2022

Brocade Fabric OS Versions before v8.2.2a and v8.2.1d could expose the credentials of the remote...
Moderate | Unreviewed | CVE-2019-16203 was published May 24, 2022

Cloud Foundry Cloud Controller (CAPI), versions prior to 1.91.0, logs properties of background...
Moderate | Unreviewed | CVE-2020-5400 was published May 24, 2022

A flaw was discovered in ECE before 3.4.0 that might lead to the disclosure of sensitive...
Moderate | Unreviewed | CVE-2022-23715 was published Aug 26, 2022

npm CLI exposing sensitive information through logs
Moderate | CVE-2020-15095 was published for npm (npm) Jul 7, 2020

Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, and 9.3.0.6,...
Moderate | Unreviewed | CVE-2022-31239 was published Oct 21, 2022

In support.c in pam_tacplus 1.3.8 through 1.5.1, the TACACS+ shared secret gets logged via syslog...
Moderate | Unreviewed | CVE-2020-13881 was published May 24, 2022

A log information disclosure vulnerability in B&R GateManager 4260 and 9250 versions <9.0.20262...
Moderate | Unreviewed | CVE-2020-11646 was published May 24, 2022

Brocade Fabric OS versions before Brocade Fabric OS v7.4.2g could allow an authenticated, remote...
Moderate | Unreviewed | CVE-2020-15370 was published May 24, 2022

An information disclosure vulnerability in B&R GateManager 4260 and 9250 versions <9.0.20262 and...
Moderate | Unreviewed | CVE-2020-11643 was published May 24, 2022

An information-disclosure flaw was found in the way that gluster-block before 0.5.1 logs the...
Moderate | Unreviewed | CVE-2020-10762 was published May 24, 2022

IBM Business Automation Workflow 19.0.0.3 stores potentially sensitive information in log files...
Moderate | Unreviewed | CVE-2020-4900 was published May 24, 2022

In onNotificationRemoved of Assistant.java, there is a possible leak of sensitive information to...
Moderate | Unreviewed | CVE-2020-0476 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.