Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,703
NuGet
661
pip
3,329
Pub
11
RubyGems
884
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

738 advisories

Loading
Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway... High Unreviewed
CVE-2022-20806 was published May 28, 2022
Sensitive information exposure in Sign-in log in Samsung Account prior to version 13.2.00.6... Moderate Unreviewed
CVE-2022-30733 was published Jun 8, 2022
Sensitive information exposure vulnerability in FmmExtraOperation of Find My Mobile prior to 7.2... Low Unreviewed
CVE-2022-30742 was published Jun 8, 2022
Impala sessions use a 16 byte secret to verify that the session is not being hijacked by another... High Unreviewed
CVE-2021-28131 was published May 24, 2022
Riverbed AppResponse 11.8.0, 11.8.5, 11.8.5a, 11.9.0, 11.9.0a, 11.10.0, 11.11.0, 11.11.0a, 11.11... High Unreviewed
CVE-2021-43271 was published Jun 4, 2022
Couchbase Server 6.6.x through 7.x before 7.0.4 exposes Sensitive Information to an Unauthorized... Moderate Unreviewed
CVE-2022-32193 was published Jun 14, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Business Process... Moderate Unreviewed
CVE-2021-1576 was published May 24, 2022
Sensitive information exposure vulnerability in SimChangeAlertManger of Find My Mobile prior to 7... Low Unreviewed
CVE-2022-30741 was published Jun 8, 2022
Windows Desired State Configuration (DSC) Information Disclosure Vulnerability. Moderate Unreviewed
CVE-2022-30148 was published Jun 16, 2022
An issue was discovered in Couchbase Server before 7.0.4. The Backup Service log leaks unredacted... High Unreviewed
CVE-2022-32565 was published Jun 14, 2022
rsyslog uses weak permissions for generating log files, which allows local users to obtain... Moderate Unreviewed
CVE-2015-3243 was published May 17, 2022
Weave GitOps leaked cluster credentials into logs on connection errors Critical
CVE-2022-31098 was published for github.com/weaveworks/weave-gitops (Go) Jun 23, 2022
stefanprodan
On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from "Switch Info" log... Critical Unreviewed
CVE-2017-8075 was published May 17, 2022
A vulnerability in the logging component of Cisco TelePresence Collaboration Endpoint (CE) and... Moderate Unreviewed
CVE-2022-20768 was published Jul 7, 2022
ZXMP M721 has an information leak vulnerability. Since the serial port authentication on the... High Unreviewed
CVE-2022-23141 was published Jul 16, 2022
Sensitive information exposure vulnerability in EventType in SecTelephonyProvider prior to SMR... Low Unreviewed
CVE-2022-33688 was published Jul 13, 2022
Exposure of Sensitive Information in telephony-common.jar prior to SMR Jul-2022 Release 1 allows... Low Unreviewed
CVE-2022-33687 was published Jul 13, 2022
An issue was discovered in Couchbase Server 7.x before 7.0.4. Field names are not redacted in... Moderate Unreviewed
CVE-2022-33911 was published Jul 13, 2022
IBM Cognos Server 10.1.1 and 10.2 stores highly sensitive information in log files that could be... Moderate Unreviewed
CVE-2016-9985 was published May 17, 2022
On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from "SEND data" log... Critical Unreviewed
CVE-2017-8074 was published May 17, 2022
Exposure of Sensitive Information in CID Manager prior to SMR Jul-2022 Release 1 allows local... Low Unreviewed
CVE-2022-33693 was published Jul 13, 2022
Sensitive information exposure vulnerability in ImsServiceSwitchBase in ImsCore prior to SMR Jul... Low Unreviewed
CVE-2022-33697 was published Jul 13, 2022
Log files generated by Lenovo XClarity Administrator (LXCA) versions earlier than 1.2.2 may... Critical Unreviewed
CVE-2016-8233 was published May 17, 2022
An issue was discovered in Moxa EDR-810 Industrial Secure Router. By accessing a specific uniform... High Unreviewed
CVE-2016-8346 was published May 17, 2022
An issue was discovered on SendQuick Entera and Avera devices before 2HF16. An attacker could... Moderate Unreviewed
CVE-2017-5137 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database