Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,454
Erlang
33
GitHub Actions
22
Go
2,153
Maven
5,000+
npm
3,818
NuGet
693
pip
3,492
Pub
12
RubyGems
902
Rust
903
Swift
38
Unreviewed advisories
All unreviewed
5,000+

472 advisories

Loading
The IBM Cloud Private Key Management Service (IBM Cloud Private 3.1.1 and 3.1.2) could allow a... Moderate Unreviewed
CVE-2019-4143 was published May 14, 2022
In F5 BIG-IP APM software version 13.0.0 and 12.1.2, under rare conditions, the BIG-IP APM system... Moderate Unreviewed
CVE-2017-6139 was published May 14, 2022
In the IMM2 firmware of Lenovo System x servers, remote commands issued by LXCA or other... Moderate Unreviewed
CVE-2017-3744 was published May 13, 2022
An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android. The login... Moderate Unreviewed
CVE-2017-11134 was published May 13, 2022
ovirt-engine Logs Plaintext Passwords To File Moderate
CVE-2017-15113 was published for org.ovirt.engine.sdk:ovirt-engine-sdk-java (Maven) May 13, 2022 withdrawn
IBM BigFix Compliance 1.7 through 1.9.91 (TEMA SUAv1 SCA SCM) stores sensitive information in URL... Moderate Unreviewed
CVE-2017-1198 was published May 13, 2022
IBM Security Access Manager Appliance 8.0.0 through 8.0.1.6, and 9.0.0 through 9.0.3.1 stores... Moderate Unreviewed
CVE-2017-1480 was published May 13, 2022
IBM WebSphere MQ 7.5, 8.0, and 9.0 through 9.0.4 could allow a local user to obtain highly... Moderate Unreviewed
CVE-2017-1795 was published May 13, 2022
Moodle sensitive information disclosure Moderate
CVE-2018-10889 was published for moodle/moodle (Composer) May 13, 2022
Envoy Passport for Android and Envoy Passport for iPhone could allow a local attacker to obtain... Moderate Unreviewed
CVE-2018-17499 was published May 13, 2022
Drager Infinity Delta, Infinity Delta, all versions, Delta XL, all versions, Kappa, all version,... Moderate Unreviewed
CVE-2018-19014 was published May 13, 2022
The NetIQ Identity Manager driver log file, in versions prior to 4.7, provides details that could... Moderate Unreviewed
CVE-2018-1349 was published May 13, 2022
The NetIQ Identity Manager driver log file, in versions prior to 4.7, provides details that could... Moderate Unreviewed
CVE-2018-1350 was published May 13, 2022
IBM Spectrum Protect Server 7.1 and 8.1 could disclose highly sensitive information via trace... Moderate Unreviewed
CVE-2018-1788 was published May 13, 2022
IBM Robotic Process Automation with Automation Anywhere 11 could under certain cases, display the... Moderate Unreviewed
CVE-2018-1876 was published May 13, 2022
Improper input validator in Nextcloud Server prior to 12.0.3 and 11.0.5 could lead to an attacker... Moderate Unreviewed
CVE-2018-3776 was published May 13, 2022
On Juniper ATP, secret passphrase CLI inputs, such as "set mcm", are logged to /var/log/syslog in... Moderate Unreviewed
CVE-2019-0021 was published May 13, 2022
Mediawiki information disclosure vulnerability Moderate
CVE-2018-0504 was published for mediawiki/core (Composer) May 13, 2022
RSA Archer versions, prior to 6.5 SP1, contain an information exposure vulnerability. Users'... Moderate Unreviewed
CVE-2019-3715 was published May 13, 2022
The aoedisk_debugfs_show function in drivers/block/aoe/aoeblk.c in the Linux kernel through 4.16... Moderate Unreviewed
CVE-2018-7754 was published May 13, 2022
A plain keystore password is written to a system log file in SAP HANA Extended Application... Moderate Unreviewed
CVE-2018-2372 was published May 13, 2022
In System Management Module (SMM) versions prior to 1.06, the SMM records hashed passwords to a... Moderate Unreviewed
CVE-2018-16095 was published May 13, 2022
On Juniper ATP, the API key and the device key are logged in a file readable by authenticated... Moderate Unreviewed
CVE-2019-0004 was published May 13, 2022
Ceilometer Prints Sensitive Configuration Data to Log Moderate
CVE-2019-3830 was published for ceilometer (pip) May 13, 2022
Micro Focus Solutions Business Manager versions prior to 11.4 allows a user to invoke SBM RESTful... Moderate Unreviewed
CVE-2018-7682 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database