GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
140 advisories
Filter by severity
An information disclosure vulnerability exists in the way Azure IoT Java SDK logs sensitive...
High
Unreviewed
CVE-2019-0741
was published
May 14, 2022
In Redmine before 3.2.6 and 3.3.x before 3.3.3, remote attackers can obtain sensitive information...
High
Unreviewed
CVE-2017-15572
was published
May 14, 2022
In Webgalamb through 7.0, log files are exposed to the internet with predictable files/logs...
High
Unreviewed
CVE-2018-19513
was published
May 14, 2022
A keystroke logging issue was discovered in Virtual Keyboard in Qt 5.7.x, 5.8.x, 5.9.x, 5.10.x,...
High
Unreviewed
CVE-2018-19865
was published
May 14, 2022
inc/logger.php in the Giribaz File Manager plugin before 5.0.2 for WordPress logged activity...
High
Unreviewed
CVE-2018-7204
was published
May 13, 2022
VMware Horizon View Agents (7.x.x before 7.5.1) contain a local information disclosure...
High
Unreviewed
CVE-2018-6971
was published
May 13, 2022
Ceph does not properly sanitize encryption keys in debug logging for v4 auth. This results in the...
High
Unreviewed
CVE-2018-16889
was published
May 13, 2022
An information disclosure in ovirt-hosted-engine-setup prior to 2.2.7 reveals the root user's...
High
Unreviewed
CVE-2018-1000018
was published
May 13, 2022
A vulnerability in the web portal authentication process of Cisco Prime Collaboration...
High
Unreviewed
CVE-2018-0335
was published
May 13, 2022
Pivotal Container Service, versions prior to 1.2.0, contains an information disclosure...
High
Unreviewed
CVE-2018-15763
was published
May 13, 2022
ovirt-engine up to version 4.2.3 is vulnerable to an unfiltered password when choosing manual db...
High
Unreviewed
CVE-2018-1075
was published
May 13, 2022
Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3,...
High
Unreviewed
CVE-2018-1241
was published
May 13, 2022
IBM Spectrum Protect Plus 10.1.0 and 10.1.1 could disclose sensitive information when an...
High
Unreviewed
CVE-2018-1768
was published
May 13, 2022
A vulnerability in the Trend Micro InterScan Messaging Security Virtual Appliance 9.0 and 9.1...
High
Unreviewed
CVE-2018-3609
was published
May 13, 2022
Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 contain an information exposure...
High
Unreviewed
CVE-2018-3828
was published
May 13, 2022
An issue was discovered in EMC ScaleIO 2.0.1.x. In a Linux environment, one of the support...
High
Unreviewed
CVE-2017-8001
was published
May 13, 2022
Cloud Foundry Container Runtime (kubo-release), versions prior to 0.14.0, may leak UAA and...
High
Unreviewed
CVE-2018-1223
was published
May 13, 2022
The Boa server configuration on DASAN H660RM devices with firmware 1.03-0022 logs POST data to...
High
Unreviewed
CVE-2019-9976
was published
May 13, 2022
RSA Archer versions, prior to 6.5 SP2, contain an information exposure vulnerability. The...
High
Unreviewed
CVE-2019-3716
was published
May 13, 2022
Under certain conditions SAP HANA Extended Application Services, version 1.0, advanced model (XS...
High
Unreviewed
CVE-2019-0266
was published
May 13, 2022
Juniper ATP Series Splunk credentials are logged in a file readable by authenticated local users....
High
Unreviewed
CVE-2019-0029
was published
May 13, 2022
** DISPUTED ** An issue was discovered in SecurEnvoy SecurAccess 9.3.502. When put in Debug mode...
High
Unreviewed
CVE-2018-18466
was published
May 13, 2022
Cloud Foundry NFS volume release, 1.2.x prior to 1.2.5, 1.5.x prior to 1.5.4, 1.7.x prior to 1.7...
High
Unreviewed
CVE-2018-15797
was published
May 13, 2022
A sensitive data disclosure flaw was found in the Elasticsearch repository-azure (formerly...
High
Unreviewed
CVE-2018-3827
was published
May 13, 2022
A password management issue exists where the Organization authentication username and password...
High
Unreviewed
CVE-2019-0032
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API