Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

563 advisories

Loading
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.856 through 0.9.8.864 allows an attacker to... Moderate Unreviewed
CVE-2019-14782 was published May 24, 2022
In CMDBuild from version 3.0 to 3.3.2 payload requests are saved in a temporary log table, which... Moderate Unreviewed
CVE-2022-25518 was published Mar 24, 2022
Wipro Holmes Orchestrator 20.4.1 (20.4.1_02_11_2020) allows remote attackers to read application... High Unreviewed
CVE-2021-38283 was published Nov 30, 2021
In ArrayMap, there is a possible leak of the content of SMS messages due to log information... Low Unreviewed
CVE-2021-39739 was published Mar 31, 2022
TPCMS v3.2 allows attackers to access the ThinkPHP log directory and obtain sensitive information... High Unreviewed
CVE-2022-27442 was published Apr 5, 2022
An issue was discovered in HTCondor 9.0.x before 9.0.10 and 9.1.x before 9.5.1. An attacker can... High Unreviewed
CVE-2021-45103 was published Apr 7, 2022
Missing sanitization of logged exception messages in all versions prior to 14.7.7, 14.8 prior to... Low Unreviewed
CVE-2022-1157 was published Apr 12, 2022
Under certain conditions, the SAP Host Agent logfile shows information which would otherwise be... Moderate Unreviewed
CVE-2022-28774 was published May 12, 2022
Exposure of Sensitive Information in FaqSymptomCardViewModel in Samsung Members prior to versions... Low Unreviewed
CVE-2022-36877 was published Sep 10, 2022
In Octopus Tentacle versions 3.0.8 to 5.0.0, when a web request proxy is configured, an... Moderate Unreviewed
CVE-2019-15508 was published May 24, 2022
Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway... Moderate Unreviewed
CVE-2022-20807 was published May 28, 2022
In Octopus Deploy versions 2018.8.4 to 2019.7.6, when a web request proxy is configured, an... Moderate Unreviewed
CVE-2019-15507 was published May 24, 2022
Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway... Moderate Unreviewed
CVE-2022-20809 was published May 27, 2022
Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway... High Unreviewed
CVE-2022-20806 was published May 28, 2022
Sensitive information exposure in Sign-in log in Samsung Account prior to version 13.2.00.6... Moderate Unreviewed
CVE-2022-30733 was published Jun 8, 2022
Sensitive information exposure vulnerability in FmmExtraOperation of Find My Mobile prior to 7.2... Low Unreviewed
CVE-2022-30742 was published Jun 8, 2022
Impala sessions use a 16 byte secret to verify that the session is not being hijacked by another... High Unreviewed
CVE-2021-28131 was published May 24, 2022
Riverbed AppResponse 11.8.0, 11.8.5, 11.8.5a, 11.9.0, 11.9.0a, 11.10.0, 11.11.0, 11.11.0a, 11.11... High Unreviewed
CVE-2021-43271 was published Jun 4, 2022
Couchbase Server 6.6.x through 7.x before 7.0.4 exposes Sensitive Information to an Unauthorized... Moderate Unreviewed
CVE-2022-32193 was published Jun 14, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Business Process... Moderate Unreviewed
CVE-2021-1576 was published May 24, 2022
Sensitive information exposure vulnerability in SimChangeAlertManger of Find My Mobile prior to 7... Low Unreviewed
CVE-2022-30741 was published Jun 8, 2022
Windows Desired State Configuration (DSC) Information Disclosure Vulnerability. Moderate Unreviewed
CVE-2022-30148 was published Jun 16, 2022
An issue was discovered in Couchbase Server before 7.0.4. The Backup Service log leaks unredacted... High Unreviewed
CVE-2022-32565 was published Jun 14, 2022
rsyslog uses weak permissions for generating log files, which allows local users to obtain... Moderate Unreviewed
CVE-2015-3243 was published May 17, 2022
On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from "Switch Info" log... Critical Unreviewed
CVE-2017-8075 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API