Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,354
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,779
NuGet
681
pip
3,460
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

782 advisories

Loading
An issue was discovered in the WP Security Audit Log plugin 3.1.1 for WordPress. Access to wp... Moderate Unreviewed
CVE-2018-8719 was published May 14, 2022
In Octopus Deploy 2018.4.4 through 2018.5.1, Octopus variables that are sourced from the target... Critical Unreviewed
CVE-2018-11320 was published May 14, 2022
GreenCMS 2.3.0603 allows remote attackers to obtain sensitive information via a direct request... High Unreviewed
CVE-2018-12604 was published May 14, 2022
The klsi_105_get_line_state function in drivers/usb/serial/kl5kusb105.c in the Linux kernel... Moderate Unreviewed
CVE-2017-5549 was published May 14, 2022
Under certain circumstances SAP Dynamic Authorization Management (DAM) by NextLabs (Java Policy... Moderate Unreviewed
CVE-2018-2440 was published May 14, 2022
An issue was discovered in Zoho ManageEngine Desktop Central before 100230. There is... Critical Unreviewed
CVE-2018-11716 was published May 14, 2022
An issue was discovered in Zoho ManageEngine Desktop Central before 100251. By leveraging access... Critical Unreviewed
CVE-2018-11717 was published May 14, 2022
An issue was discovered on Orbic Wonder Orbic/RC555L/RC555L:7.1.2/N2G47H/329100b:user/release... Moderate Unreviewed
CVE-2018-6599 was published May 14, 2022
Pivotal Cloud Cache, versions prior to 1.3.1, prints a superuser password in plain text during... High Unreviewed
CVE-2018-1198 was published May 14, 2022
An issue was discovered in GitLab Community and Enterprise Edition before 11.0.6, 11.1.x before... Critical Unreviewed
CVE-2018-16049 was published May 14, 2022
An Information Exposure Through Log Files issue was discovered in Citrix SD-WAN 10.1.0 and... High Unreviewed
CVE-2018-17447 was published May 14, 2022
Incorrect access control in the /mysql/api/logfile.php endpoint in Drobo 5N2 NAS version 4.0.5-13... High Unreviewed
CVE-2018-14700 was published May 14, 2022
HashiCorp Vault before 1.0.0 writes the master key to the server log in certain unusual or... High Unreviewed
CVE-2018-19786 was published May 14, 2022
An issue was discovered in 1Password 7.2.3.BETA before 7.2.3.BETA-3 on macOS. A mistake in error... Moderate Unreviewed
CVE-2018-19863 was published May 14, 2022
The Vivo V7 Android device with a build fingerprint of vivo/1718/1718:7.1.2/N2G47H/compil11021857... Moderate Unreviewed
CVE-2018-15001 was published May 14, 2022
The Vivo V7 device with a build fingerprint of vivo/1718/1718:7.1.2/N2G47H/compil11021857:user... Moderate Unreviewed
CVE-2018-15002 was published May 14, 2022
The Coolpad Canvas device with a build fingerprint of Coolpad/cp3636a/cp3636a:7.0/NRD90M... Moderate Unreviewed
CVE-2018-15004 was published May 14, 2022
The ZTE Blade Vantage Android device with a build fingerprint of ZTE/Z839/sweet:7.1.1/NMF26V... Moderate Unreviewed
CVE-2018-14995 was published May 14, 2022
The LinuxMagic MagicSpam extension before 2.0.14-1 for Plesk allows local users to discover... Low Unreviewed
CVE-2018-5693 was published May 14, 2022
An information disclosure vulnerability exists in the way Azure IoT Java SDK logs sensitive... High Unreviewed
CVE-2019-0741 was published May 14, 2022
In Redmine before 3.2.6 and 3.3.x before 3.3.3, remote attackers can obtain sensitive information... High Unreviewed
CVE-2017-15572 was published May 14, 2022
In Webgalamb through 7.0, log files are exposed to the internet with predictable files/logs... High Unreviewed
CVE-2018-19513 was published May 14, 2022
Insertion of Sensitive Information into Log File in Apache Tomcat Moderate
CVE-2011-2204 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
Ansible Logs Passwords If PowerShell ScriptBlock is Enabled Moderate
CVE-2018-16859 was published for ansible (pip) May 14, 2022
The IBM Cloud Private Key Management Service (IBM Cloud Private 3.1.1 and 3.1.2) could allow a... Moderate Unreviewed
CVE-2019-4143 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database