GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,572
Composer 4,205
Erlang 31
GitHub Actions 19
Go 1,986
Maven 5,163
npm 3,703
NuGet 661
pip 3,329
Pub 11
RubyGems 884
Rust 843
Swift 36

Unreviewed advisories

All unreviewed 234,068

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

591 advisories

Filter by severity

Sort by

Least recently updated

CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.856 through 0.9.8.864 allows an attacker to... Moderate Unreviewed

CVE-2019-14782 was published May 24, 2022

In CMDBuild from version 3.0 to 3.3.2 payload requests are saved in a temporary log table, which... Moderate Unreviewed

CVE-2022-25518 was published Mar 24, 2022

Wipro Holmes Orchestrator 20.4.1 (20.4.1_02_11_2020) allows remote attackers to read application... High Unreviewed

CVE-2021-38283 was published Nov 30, 2021

In ArrayMap, there is a possible leak of the content of SMS messages due to log information... Low Unreviewed

CVE-2021-39739 was published Mar 31, 2022

TPCMS v3.2 allows attackers to access the ThinkPHP log directory and obtain sensitive information... High Unreviewed

CVE-2022-27442 was published Apr 5, 2022

An issue was discovered in HTCondor 9.0.x before 9.0.10 and 9.1.x before 9.5.1. An attacker can... High Unreviewed

CVE-2021-45103 was published Apr 7, 2022

Missing sanitization of logged exception messages in all versions prior to 14.7.7, 14.8 prior to... Low Unreviewed

CVE-2022-1157 was published Apr 12, 2022

Under certain conditions, the SAP Host Agent logfile shows information which would otherwise be... Moderate Unreviewed

CVE-2022-28774 was published May 12, 2022

Exposure of Sensitive Information in FaqSymptomCardViewModel in Samsung Members prior to versions... Low Unreviewed

CVE-2022-36877 was published Sep 10, 2022

In Octopus Tentacle versions 3.0.8 to 5.0.0, when a web request proxy is configured, an... Moderate Unreviewed

CVE-2019-15508 was published May 24, 2022

Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway... Moderate Unreviewed

CVE-2022-20807 was published May 28, 2022

In Octopus Deploy versions 2018.8.4 to 2019.7.6, when a web request proxy is configured, an... Moderate Unreviewed

CVE-2019-15507 was published May 24, 2022

Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway... Moderate Unreviewed

CVE-2022-20809 was published May 27, 2022

Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway... High Unreviewed

CVE-2022-20806 was published May 28, 2022

Sensitive information exposure in Sign-in log in Samsung Account prior to version 13.2.00.6... Moderate Unreviewed

CVE-2022-30733 was published Jun 8, 2022

Sensitive information exposure vulnerability in FmmExtraOperation of Find My Mobile prior to 7.2... Low Unreviewed

CVE-2022-30742 was published Jun 8, 2022

Impala sessions use a 16 byte secret to verify that the session is not being hijacked by another... High Unreviewed

CVE-2021-28131 was published May 24, 2022

Riverbed AppResponse 11.8.0, 11.8.5, 11.8.5a, 11.9.0, 11.9.0a, 11.10.0, 11.11.0, 11.11.0a, 11.11... High Unreviewed

CVE-2021-43271 was published Jun 4, 2022

Couchbase Server 6.6.x through 7.x before 7.0.4 exposes Sensitive Information to an Unauthorized... Moderate Unreviewed

CVE-2022-32193 was published Jun 14, 2022

Multiple vulnerabilities in the web-based management interface of Cisco Business Process... Moderate Unreviewed

CVE-2021-1576 was published May 24, 2022

Sensitive information exposure vulnerability in SimChangeAlertManger of Find My Mobile prior to 7... Low Unreviewed

CVE-2022-30741 was published Jun 8, 2022

Windows Desired State Configuration (DSC) Information Disclosure Vulnerability. Moderate Unreviewed

CVE-2022-30148 was published Jun 16, 2022

An issue was discovered in Couchbase Server before 7.0.4. The Backup Service log leaks unredacted... High Unreviewed

CVE-2022-32565 was published Jun 14, 2022

rsyslog uses weak permissions for generating log files, which allows local users to obtain... Moderate Unreviewed

CVE-2015-3243 was published May 17, 2022

On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from "Switch Info" log... Critical Unreviewed

CVE-2017-8075 was published May 17, 2022

Previous 1 2 3 4 5 … 23 24 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

591 advisories