Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,703
NuGet
661
pip
3,329
Pub
11
RubyGems
884
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

169 advisories

Loading
Information Exposure in cordova-android High
CVE-2016-6799 was published for cordova-android (npm) Sep 11, 2020
Insertion of Sensitive Information into Log File in Jupyter notebook High
CVE-2022-24757 was published for jupyter-server (pip) Mar 25, 2022
3coins
Wipro Holmes Orchestrator 20.4.1 (20.4.1_02_11_2020) allows remote attackers to read application... High Unreviewed
CVE-2021-38283 was published Nov 30, 2021
TPCMS v3.2 allows attackers to access the ThinkPHP log directory and obtain sensitive information... High Unreviewed
CVE-2022-27442 was published Apr 5, 2022
Sensitive Auth & Cookie data stored in Jupyter server logs High
CVE-2022-24758 was published for notebook (pip) Apr 5, 2022
3coins
An issue was discovered in HTCondor 9.0.x before 9.0.10 and 9.1.x before 9.5.1. An attacker can... High Unreviewed
CVE-2021-45103 was published Apr 7, 2022
Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway... High Unreviewed
CVE-2022-20806 was published May 28, 2022
Impala sessions use a 16 byte secret to verify that the session is not being hijacked by another... High Unreviewed
CVE-2021-28131 was published May 24, 2022
Riverbed AppResponse 11.8.0, 11.8.5, 11.8.5a, 11.9.0, 11.9.0a, 11.10.0, 11.11.0, 11.11.0a, 11.11... High Unreviewed
CVE-2021-43271 was published Jun 4, 2022
An issue was discovered in Couchbase Server before 7.0.4. The Backup Service log leaks unredacted... High Unreviewed
CVE-2022-32565 was published Jun 14, 2022
ZXMP M721 has an information leak vulnerability. Since the serial port authentication on the... High Unreviewed
CVE-2022-23141 was published Jul 16, 2022
An issue was discovered in Moxa EDR-810 Industrial Secure Router. By accessing a specific uniform... High Unreviewed
CVE-2016-8346 was published May 17, 2022
An issue was discovered in Couchbase Server before 7.0.4. A private key is leaked to the log... High Unreviewed
CVE-2022-32556 was published Jul 22, 2022
An issue was discovered in OSIsoft PI Coresight 2016 R2 and earlier versions, and PI Web API 2016... High Unreviewed
CVE-2017-5153 was published May 17, 2022
An issue was discovered in Moxa MiiNePort E1 versions prior to 1.8, E2 versions prior to 1.4, and... High Unreviewed
CVE-2016-9344 was published May 17, 2022
MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8... High Unreviewed
CVE-2015-8977 was published May 17, 2022
Information Exposure Through Log Files vulnerability discovered in Foundry when logs were... High Unreviewed
CVE-2022-27895 was published Nov 16, 2022
Information Exposure Through Log Files vulnerability discovered in Foundry Code-Workbooks where... High Unreviewed
CVE-2022-27896 was published Nov 15, 2022
VMware vCenter Server (6.7.x prior to 6.7 U3, 6.5 prior to 6.5 U3 and 6.0 prior to 6.0 U3j)... High Unreviewed
CVE-2019-5532 was published May 24, 2022
Cloud Foundry SMB Volume, versions prior to v2.0.3, accidentally outputs sensitive information to... High Unreviewed
CVE-2019-11283 was published May 24, 2022
cPanel before 88.0.3 has weak permissions (world readable) for the proxy subdomains log file (SEC... High Unreviewed
CVE-2020-26106 was published May 24, 2022
The easy-wp-smtp plugin before 1.4.4 for WordPress allows Administrator account takeover, as... High Unreviewed
CVE-2020-35234 was published May 24, 2022
Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.20, 9.2.1.13, 9.3.0.6, and 9.4.0... High Unreviewed
CVE-2022-34369 was published Sep 3, 2022
A vulnerability in a diagnostic command for the Plug-and-Play (PnP) subsystem of Cisco IOS XE... High Unreviewed
CVE-2021-1442 was published May 24, 2022
Insertion of Sensitive Information into Log File vulnerability in Micro Focus Secure API Manager ... High Unreviewed
CVE-2021-22516 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database