GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
589 advisories
aquaverde Aquarius CMS through 4.3.5 allows Information Exposure through Log Files because of an...
High | Unreviewed | CVE-2019-9724 was published May 24, 2022

aquaverde Aquarius CMS through 4.3.5 writes POST and GET parameters (including passwords) to a...
High | Unreviewed | CVE-2019-9734 was published May 24, 2022

In various firmware versions of Lenovo System x, the integrated management module II (IMM2)'s...
High | Unreviewed | CVE-2019-6157 was published May 24, 2022

All versions of unity-scope-gdrive log search terms to syslog.
Moderate | Unreviewed | CVE-2015-1343 was published May 24, 2022

CFME (CloudForms Management Engine) 5: RHN account information is logged to top_output.log during...
Moderate | Unreviewed | CVE-2014-3536 was published May 17, 2022

The ovirt-engine-provisiondb utility in Red Hat Enterprise Virtualization (RHEV) Engine 4.0...
Low | Unreviewed | CVE-2016-5432 was published May 17, 2022

The installation component in IBM Rational Asset Analyzer (RAA) 6.1.0 before FP10 allows local...
Moderate | Unreviewed | CVE-2016-5967 was published May 17, 2022

IBM BigFix Remote Control before 9.1.3 allows remote authenticated users to obtain sensitive...
Moderate | Unreviewed | CVE-2016-2928 was published May 17, 2022

IBM BigFix Remote Control before 9.1.3 allows local users to obtain sensitive information by...
Low | Unreviewed | CVE-2016-2943 was published May 17, 2022

Red Hat Enterprise Virtualization (RHEV) Manager 3.6 allows local users to obtain encryption keys...
Moderate | Unreviewed | CVE-2016-4443 was published May 17, 2022

IBM Tivoli Endpoint Manager - Mobile Device Management (MDM) stores potentially sensitive...
Low | Unreviewed | CVE-2016-0296 was published May 17, 2022

MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8...
High | Unreviewed | CVE-2015-8977 was published May 17, 2022

IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 stores potentially sensitive information in log...
Moderate | Unreviewed | CVE-2016-8912 was published May 17, 2022

An issue was discovered on SendQuick Entera and Avera devices before 2HF16. An attacker could...
Moderate | Unreviewed | CVE-2017-5137 was published May 17, 2022

An issue was discovered in Moxa EDR-810 Industrial Secure Router. By accessing a specific uniform...
High | Unreviewed | CVE-2016-8346 was published May 17, 2022

An issue was discovered in Moxa MiiNePort E1 versions prior to 1.8, E2 versions prior to 1.4, and...
High | Unreviewed | CVE-2016-9344 was published May 17, 2022

Log files generated by Lenovo XClarity Administrator (LXCA) versions earlier than 1.2.2 may...
Critical | Unreviewed | CVE-2016-8233 was published May 17, 2022

An issue was discovered in OSIsoft PI Coresight 2016 R2 and earlier versions, and PI Web API 2016...
High | Unreviewed | CVE-2017-5153 was published May 17, 2022

IBM Cognos Server 10.1.1 and 10.2 stores highly sensitive information in log files that could be...
Moderate | Unreviewed | CVE-2016-9985 was published May 17, 2022

On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from "SEND data" log...
Critical | Unreviewed | CVE-2017-8074 was published May 17, 2022

On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from "Switch Info" log...
Critical | Unreviewed | CVE-2017-8075 was published May 17, 2022

rsyslog uses weak permissions for generating log files, which allows local users to obtain...
Moderate | Unreviewed | CVE-2015-3243 was published May 17, 2022

The rend_service_intro_established function in or/rendservice.c in Tor before 0.2.8.15, 0.2.9.x...
Moderate | Unreviewed | CVE-2017-0380 was published May 17, 2022

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, and WebSafe 11.5...
Critical | Unreviewed | CVE-2017-6165 was published May 17, 2022

Mahara Mobile before 1.2.1 is vulnerable to passwords being sent to the Mahara access log in...
Critical | Unreviewed | CVE-2017-1000171 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.