GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
563 advisories
ovirt-engine before version ovirt 4.2.2 is vulnerable to an information exposure through log...
Critical
Unreviewed
CVE-2018-1072 was published May 13, 2022
ovirt-engine up to version 4.2.3 is vulnerable to an unfiltered password when choosing manual db...
High
Unreviewed
CVE-2018-1075 was published May 13, 2022
Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3,...
High
Unreviewed
CVE-2018-1241 was published May 13, 2022
Cloud Foundry Log Cache, versions prior to 1.1.1, logs its UAA client secret on startup as part...
Critical
Unreviewed
CVE-2018-1264 was published May 13, 2022
The NetIQ Identity Manager driver log file, in versions prior to 4.7, provides details that could...
Moderate
Unreviewed
CVE-2018-1349 was published May 13, 2022
The NetIQ Identity Manager driver log file, in versions prior to 4.7, provides details that could...
Moderate
Unreviewed
CVE-2018-1350 was published May 13, 2022
IBM Spectrum Protect Plus 10.1.0 and 10.1.1 could disclose sensitive information when an...
High
Unreviewed
CVE-2018-1768 was published May 13, 2022
IBM Spectrum Protect Server 7.1 and 8.1 could disclose highly sensitive information via trace...
Moderate
Unreviewed
CVE-2018-1788 was published May 13, 2022
IBM Robotic Process Automation with Automation Anywhere 11 could under certain cases, display the...
Moderate
Unreviewed
CVE-2018-1876 was published May 13, 2022
A vulnerability in the Trend Micro InterScan Messaging Security Virtual Appliance 9.0 and 9.1...
High
Unreviewed
CVE-2018-3609 was published May 13, 2022
Improper input validator in Nextcloud Server prior to 12.0.3 and 11.0.5 could lead to an attacker...
Moderate
Unreviewed
CVE-2018-3776 was published May 13, 2022
Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 contain an information exposure...
High
Unreviewed
CVE-2018-3828 was published May 13, 2022
On Juniper ATP, secret passphrase CLI inputs, such as "set mcm", are logged to /var/log/syslog in...
Moderate
Unreviewed
CVE-2019-0021 was published May 13, 2022
API Connect V2018.1 through 2018.4.1.1 is impacted by access token leak. Authorization tokens in...
Critical
Unreviewed
CVE-2019-4008 was published May 13, 2022
An issue was discovered in EMC ScaleIO 2.0.1.x. In a Linux environment, one of the support...
High
Unreviewed
CVE-2017-8001 was published May 13, 2022
Cloud Foundry Container Runtime (kubo-release), versions prior to 0.14.0, may leak UAA and...
High
Unreviewed
CVE-2018-1223 was published May 13, 2022
The Boa server configuration on DASAN H660RM devices with firmware 1.03-0022 logs POST data to...
High
Unreviewed
CVE-2019-9976 was published May 13, 2022
RSA Archer versions, prior to 6.5 SP2, contain an information exposure vulnerability. The...
High
Unreviewed
CVE-2019-3716 was published May 13, 2022
RSA Archer versions, prior to 6.5 SP1, contain an information exposure vulnerability. Users'...
Moderate
Unreviewed
CVE-2019-3715 was published May 13, 2022
Under certain conditions SAP HANA Extended Application Services, version 1.0, advanced model (XS...
High
Unreviewed
CVE-2019-0266 was published May 13, 2022
Juniper ATP Series Splunk credentials are logged in a file readable by authenticated local users....
High
Unreviewed
CVE-2019-0029 was published May 13, 2022
The aoedisk_debugfs_show function in drivers/block/aoe/aoeblk.c in the Linux kernel through 4.16...
Moderate
Unreviewed
CVE-2018-7754 was published May 13, 2022
A plain keystore password is written to a system log file in SAP HANA Extended Application...
Moderate
Unreviewed
CVE-2018-2372 was published May 13, 2022
** DISPUTED ** An issue was discovered in SecurEnvoy SecurAccess 9.3.502. When put in Debug mode...
High
Unreviewed
CVE-2018-18466 was published May 13, 2022
In System Management Module (SMM) versions prior to 1.06, the SMM records hashed passwords to a...
Moderate
Unreviewed
CVE-2018-16095 was published May 13, 2022