GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
738 advisories
VMware vCenter Server (6.7.x prior to 6.7 U3, 6.5 prior to 6.5 U3 and 6.0 prior to 6.0 U3j)...
High | Unreviewed | CVE-2019-5532 was published May 24, 2022

Cloud Foundry SMB Volume, versions prior to v2.0.3, accidentally outputs sensitive information to...
High | Unreviewed | CVE-2019-11283 was published May 24, 2022

A flaw was found in the JBoss EAP Vault system in all versions before 7.2.6.GA. Confidential...
Moderate | Unreviewed | CVE-2019-14885 was published May 24, 2022

API Connect V2018.1 through 2018.4.1.1 is impacted by access token leak. Authorization tokens in...
Critical | Unreviewed | CVE-2019-4008 was published May 13, 2022

The authentication mechanism, in Brocade SANnav versions before v2.0, logs plaintext account...
Low | Unreviewed | CVE-2019-16206 was published May 24, 2022

Brocade SANnav versions before v2.0, logs plain text database connection password while...
Moderate | Unreviewed | CVE-2019-16210 was published May 24, 2022

Brocade Fabric OS Versions before v8.2.2a and v8.2.1d could expose the credentials of the remote...
Moderate | Unreviewed | CVE-2019-16203 was published May 24, 2022

Brocade Fabric OS Versions before v7.4.2f, v8.2.2a, v8.1.2j and v8.2.1d could expose external...
Moderate | Unreviewed | CVE-2019-16204 was published May 24, 2022

Cloud Foundry Cloud Controller (CAPI), versions prior to 1.91.0, logs properties of background...
Moderate | Unreviewed | CVE-2020-5400 was published May 24, 2022

An internal product security audit of Lenovo XClarity Administrator (LXCA) discovered Windows OS...
Low | Unreviewed | CVE-2019-19756 was published May 24, 2022

A flaw was discovered in ECE before 3.4.0 that might lead to the disclosure of sensitive...
Moderate | Unreviewed | CVE-2022-23715 was published Aug 26, 2022

An information exposure vulnerability in the logging component of Palo Alto Networks Global...
Low | Unreviewed | CVE-2020-1987 was published May 24, 2022

npm CLI exposing sensitive information through logs
Moderate | CVE-2020-15095 was published for npm (npm) Jul 7, 2020

Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, and 9.3.0.6,...
Moderate | Unreviewed | CVE-2022-31239 was published Oct 21, 2022

In support.c in pam_tacplus 1.3.8 through 1.5.1, the TACACS+ shared secret gets logged via syslog...
Moderate | Unreviewed | CVE-2020-13881 was published May 24, 2022

A log information disclosure vulnerability in B&R GateManager 4260 and 9250 versions <9.0.20262...
Moderate | Unreviewed | CVE-2020-11646 was published May 24, 2022

cPanel before 88.0.3 has weak permissions (world readable) for the proxy subdomains log file (SEC...
High | Unreviewed | CVE-2020-26106 was published May 24, 2022

Brocade Fabric OS versions before Brocade Fabric OS v7.4.2g could allow an authenticated, remote...
Moderate | Unreviewed | CVE-2020-15370 was published May 24, 2022

An information disclosure vulnerability in B&R GateManager 4260 and 9250 versions <9.0.20262 and...
Moderate | Unreviewed | CVE-2020-11643 was published May 24, 2022

Information Disclosure Vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7...
Low | Unreviewed | CVE-2020-7322 was published May 24, 2022

An information exposure through log file vulnerability exists where the password for the...
Low | Unreviewed | CVE-2020-2048 was published May 24, 2022

An information-disclosure flaw was found in the way that gluster-block before 0.5.1 logs the...
Moderate | Unreviewed | CVE-2020-10762 was published May 24, 2022

IBM Business Automation Workflow 19.0.0.3 stores potentially sensitive information in log files...
Moderate | Unreviewed | CVE-2020-4900 was published May 24, 2022

The easy-wp-smtp plugin before 1.4.4 for WordPress allows Administrator account takeover, as...
High | Unreviewed | CVE-2020-35234 was published May 24, 2022

In onNotificationRemoved of Assistant.java, there is a possible leak of sensitive information to...
Moderate | Unreviewed | CVE-2020-0476 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.