Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,354
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,779
NuGet
681
pip
3,460
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

782 advisories

Loading
In F5 BIG-IP APM software version 13.0.0 and 12.1.2, under rare conditions, the BIG-IP APM system... Moderate Unreviewed
CVE-2017-6139 was published May 14, 2022
A keystroke logging issue was discovered in Virtual Keyboard in Qt 5.7.x, 5.8.x, 5.9.x, 5.10.x,... High Unreviewed
CVE-2018-19865 was published May 14, 2022
inc/logger.php in the Giribaz File Manager plugin before 5.0.2 for WordPress logged activity... High Unreviewed
CVE-2018-7204 was published May 13, 2022
VMware Horizon View Agents (7.x.x before 7.5.1) contain a local information disclosure... High Unreviewed
CVE-2018-6971 was published May 13, 2022
Jenkins SSH Agent Plugin exposes SSH private key password to users with permission to read the build log Low
CVE-2018-1999036 was published for org.jenkins-ci.plugins:ssh-agent (Maven) May 13, 2022
Ceph does not properly sanitize encryption keys in debug logging for v4 auth. This results in the... High Unreviewed
CVE-2018-16889 was published May 13, 2022
An information disclosure in ovirt-hosted-engine-setup prior to 2.2.7 reveals the root user's... High Unreviewed
CVE-2018-1000018 was published May 13, 2022
Juniper Networks CSO versions prior to 4.0.0 may log passwords in log files leading to an... Critical Unreviewed
CVE-2018-0042 was published May 13, 2022
Password exposure in Cognito Software Moneyworks 8.0.3 and earlier allows attackers to gain... Critical Unreviewed
CVE-2017-9615 was published May 13, 2022
An issue was discovered in Pivotal PCF Elastic Runtime 1.6.x versions prior to 1.6.65, 1.7.x... Critical Unreviewed
CVE-2017-4955 was published May 13, 2022
In the IMM2 firmware of Lenovo System x servers, remote commands issued by LXCA or other... Moderate Unreviewed
CVE-2017-3744 was published May 13, 2022
Before Thornberry NDoc version 8.0, laptop clients and the server have default database (Cache)... Critical Unreviewed
CVE-2017-15366 was published May 13, 2022
An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android. The login... Moderate Unreviewed
CVE-2017-11134 was published May 13, 2022
ovirt-engine Logs Plaintext Passwords To File Moderate
CVE-2017-15113 was published for org.ovirt.engine.sdk:ovirt-engine-sdk-java (Maven) May 13, 2022 withdrawn
IBM BigFix Compliance 1.7 through 1.9.91 (TEMA SUAv1 SCA SCM) stores sensitive information in URL... Moderate Unreviewed
CVE-2017-1198 was published May 13, 2022
IBM Security Access Manager Appliance 8.0.0 through 8.0.1.6, and 9.0.0 through 9.0.3.1 stores... Moderate Unreviewed
CVE-2017-1480 was published May 13, 2022
IBM QRadar 7.3 stores potentially sensitive information in log files that could be read by a... Low Unreviewed
CVE-2017-1733 was published May 13, 2022
IBM WebSphere MQ 7.5, 8.0, and 9.0 through 9.0.4 could allow a local user to obtain highly... Moderate Unreviewed
CVE-2017-1795 was published May 13, 2022
A vulnerability in the AutoVNF tool for the Cisco Ultra Services Framework could allow an... Critical Unreviewed
CVE-2017-6709 was published May 13, 2022
In the JDBC driver of NetIQ Identity Manager before 4.6 sending out incorrect XML configurations... Critical Unreviewed
CVE-2017-7434 was published May 13, 2022
The NetIQ Identity Manager Oracle EBS driver before 4.0.2.0 sent EBS logs containing the driver... Critical Unreviewed
CVE-2017-9278 was published May 13, 2022
A vulnerability in the web portal authentication process of Cisco Prime Collaboration... High Unreviewed
CVE-2018-0335 was published May 13, 2022
Moodle sensitive information disclosure Moderate
CVE-2018-10889 was published for moodle/moodle (Composer) May 13, 2022
Pivotal Container Service, versions prior to 1.2.0, contains an information disclosure... High Unreviewed
CVE-2018-15763 was published May 13, 2022
Envoy Passport for Android and Envoy Passport for iPhone could allow a local attacker to obtain... Moderate Unreviewed
CVE-2018-17499 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database