Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,411
Erlang
33
GitHub Actions
22
Go
2,146
Maven
5,000+
npm
3,808
NuGet
687
pip
3,481
Pub
12
RubyGems
897
Rust
899
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

635 advisories

Loading
An issue was discovered in the WP Security Audit Log plugin 3.1.1 for WordPress. Access to wp... Moderate Unreviewed
CVE-2018-8719 was published May 14, 2022
In Octopus Deploy 2018.4.4 through 2018.5.1, Octopus variables that are sourced from the target... Critical Unreviewed
CVE-2018-11320 was published May 14, 2022
GreenCMS 2.3.0603 allows remote attackers to obtain sensitive information via a direct request... High Unreviewed
CVE-2018-12604 was published May 14, 2022
The klsi_105_get_line_state function in drivers/usb/serial/kl5kusb105.c in the Linux kernel... Moderate Unreviewed
CVE-2017-5549 was published May 14, 2022
Under certain circumstances SAP Dynamic Authorization Management (DAM) by NextLabs (Java Policy... Moderate Unreviewed
CVE-2018-2440 was published May 14, 2022
An issue was discovered in Zoho ManageEngine Desktop Central before 100230. There is... Critical Unreviewed
CVE-2018-11716 was published May 14, 2022
An issue was discovered in Zoho ManageEngine Desktop Central before 100251. By leveraging access... Critical Unreviewed
CVE-2018-11717 was published May 14, 2022
An issue was discovered on Orbic Wonder Orbic/RC555L/RC555L:7.1.2/N2G47H/329100b:user/release... Moderate Unreviewed
CVE-2018-6599 was published May 14, 2022
Pivotal Cloud Cache, versions prior to 1.3.1, prints a superuser password in plain text during... High Unreviewed
CVE-2018-1198 was published May 14, 2022
An issue was discovered in GitLab Community and Enterprise Edition before 11.0.6, 11.1.x before... Critical Unreviewed
CVE-2018-16049 was published May 14, 2022
An Information Exposure Through Log Files issue was discovered in Citrix SD-WAN 10.1.0 and... High Unreviewed
CVE-2018-17447 was published May 14, 2022
Incorrect access control in the /mysql/api/logfile.php endpoint in Drobo 5N2 NAS version 4.0.5-13... High Unreviewed
CVE-2018-14700 was published May 14, 2022
HashiCorp Vault before 1.0.0 writes the master key to the server log in certain unusual or... High Unreviewed
CVE-2018-19786 was published May 14, 2022
An issue was discovered in 1Password 7.2.3.BETA before 7.2.3.BETA-3 on macOS. A mistake in error... Moderate Unreviewed
CVE-2018-19863 was published May 14, 2022
The Vivo V7 Android device with a build fingerprint of vivo/1718/1718:7.1.2/N2G47H/compil11021857... Moderate Unreviewed
CVE-2018-15001 was published May 14, 2022
The Vivo V7 device with a build fingerprint of vivo/1718/1718:7.1.2/N2G47H/compil11021857:user... Moderate Unreviewed
CVE-2018-15002 was published May 14, 2022
The ZTE Blade Vantage Android device with a build fingerprint of ZTE/Z839/sweet:7.1.1/NMF26V... Moderate Unreviewed
CVE-2018-14995 was published May 14, 2022
The Coolpad Canvas device with a build fingerprint of Coolpad/cp3636a/cp3636a:7.0/NRD90M... Moderate Unreviewed
CVE-2018-15004 was published May 14, 2022
The LinuxMagic MagicSpam extension before 2.0.14-1 for Plesk allows local users to discover... Low Unreviewed
CVE-2018-5693 was published May 14, 2022
An information disclosure vulnerability exists in the way Azure IoT Java SDK logs sensitive... High Unreviewed
CVE-2019-0741 was published May 14, 2022
In Redmine before 3.2.6 and 3.3.x before 3.3.3, remote attackers can obtain sensitive information... High Unreviewed
CVE-2017-15572 was published May 14, 2022
In Webgalamb through 7.0, log files are exposed to the internet with predictable files/logs... High Unreviewed
CVE-2018-19513 was published May 14, 2022
The IBM Cloud Private Key Management Service (IBM Cloud Private 3.1.1 and 3.1.2) could allow a... Moderate Unreviewed
CVE-2019-4143 was published May 14, 2022
In F5 BIG-IP APM software version 13.0.0 and 12.1.2, under rare conditions, the BIG-IP APM system... Moderate Unreviewed
CVE-2017-6139 was published May 14, 2022
A keystroke logging issue was discovered in Virtual Keyboard in Qt 5.7.x, 5.8.x, 5.9.x, 5.10.x,... High Unreviewed
CVE-2018-19865 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database