GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
67 advisories
Filter by severity
IBM BigFix Remote Control before 9.1.3 allows local users to obtain sensitive information by...
Low
Unreviewed
CVE-2016-2943
was published
May 17, 2022
IBM Tivoli Endpoint Manager - Mobile Device Management (MDM) stores potentially sensitive...
Low
Unreviewed
CVE-2016-0296
was published
May 17, 2022
The LinuxMagic MagicSpam extension before 2.0.14-1 for Plesk allows local users to discover...
Low
Unreviewed
CVE-2018-5693
was published
May 14, 2022
IBM QRadar 7.3 stores potentially sensitive information in log files that could be read by a...
Low
Unreviewed
CVE-2017-1733
was published
May 13, 2022
(1) impl_db2.py and (2) impl_mongodb.py in OpenStack Ceilometer 2013.2 and earlier, when the...
Low
Unreviewed
CVE-2013-6384
was published
May 13, 2022
The commandline package update tool zypper writes HTTP proxy credentials into its logfile,...
Low
Unreviewed
CVE-2017-9271
was published
May 13, 2022
The destroy_one_secret function in nm-setting-vpn.c in libnm-util in the NetworkManager package 0...
Low
Unreviewed
CVE-2011-1943
was published
May 13, 2022
Missing sanitization of logged exception messages in all versions prior to 14.7.7, 14.8 prior to...
Low
Unreviewed
CVE-2022-1157
was published
Apr 12, 2022
In ArrayMap, there is a possible leak of the content of SMS messages due to log information...
Low
Unreviewed
CVE-2021-39739
was published
Mar 31, 2022
Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.22012751 allows...
Low
Unreviewed
CVE-2022-25827
was published
Mar 11, 2022
Information Exposure vulnerability in Watch Active Plugin prior to version 2.2.07.22012751 allows...
Low
Unreviewed
CVE-2022-25828
was published
Mar 11, 2022
Information Exposure vulnerability in Watch Active2 Plugin prior to version 2.2.08.22012751...
Low
Unreviewed
CVE-2022-25829
was published
Mar 11, 2022
Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.220126741...
Low
Unreviewed
CVE-2022-25823
was published
Mar 11, 2022
Information Exposure vulnerability in Galaxy S3 Plugin prior to version 2.2.03.22012751 allows...
Low
Unreviewed
CVE-2022-25826
was published
Mar 11, 2022
Information Exposure vulnerability in Galaxy Watch3 Plugin prior to version 2.2.09.22012751...
Low
Unreviewed
CVE-2022-25830
was published
Mar 11, 2022
In M-Files Server product with versions before 21.11.10775.0, enabling logging of Federated...
Low
Unreviewed
CVE-2021-41808
was published
Jan 19, 2022
In OnMetadataChangedListener of AdvancedBluetoothDetailsHeaderController.java, there is a...
Low
Unreviewed
CVE-2021-0991
was published
Dec 16, 2021
ProTip!
Advisories are also available from the
GraphQL API