Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,350
Erlang
31
GitHub Actions
22
Go
2,119
Maven
5,000+
npm
3,778
NuGet
680
pip
3,459
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

782 advisories

Loading
A vulnerability in the audit logging component of Cisco Unified Communications Manager, Cisco... Moderate Unreviewed
CVE-2021-1226 was published May 24, 2022
There is an information leakage vulnerability in some huawei products. Due to the properly... Moderate Unreviewed
CVE-2021-22310 was published May 24, 2022
Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.20, 9.2.1.13, 9.3.0.6, and 9.4.0... High Unreviewed
CVE-2022-34369 was published Sep 3, 2022
Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.0.4.0.5.012 contain a plain-text... Moderate Unreviewed
CVE-2020-26199 was published May 24, 2022
Under certain conditions, Teradici PCoIP Agents for Windows prior to version 20.10.0 and Teradici... Moderate Unreviewed
CVE-2021-25688 was published May 24, 2022
IBM Cloud Pak for Automation 20.0.3, 20.0.2-IF002 - Business Automation Application Designer... Moderate Unreviewed
CVE-2021-20359 was published May 24, 2022
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5... Moderate Unreviewed
CVE-2020-4671 was published May 24, 2022
A flaw was discovered in ECE before 3.1.1 that could lead to the disclosure of the SAML signing... Moderate Unreviewed
CVE-2022-23716 was published Sep 29, 2022
In onNotificationRemoved of Assistant.java, there is a possible leak of sensitive information to... Moderate Unreviewed
CVE-2020-0476 was published May 24, 2022
The easy-wp-smtp plugin before 1.4.4 for WordPress allows Administrator account takeover, as... High Unreviewed
CVE-2020-35234 was published May 24, 2022
IBM Business Automation Workflow 19.0.0.3 stores potentially sensitive information in log files... Moderate Unreviewed
CVE-2020-4900 was published May 24, 2022
An information-disclosure flaw was found in the way that gluster-block before 0.5.1 logs the... Moderate Unreviewed
CVE-2020-10762 was published May 24, 2022
An information exposure through log file vulnerability exists where the password for the... Low Unreviewed
CVE-2020-2048 was published May 24, 2022
Information Disclosure Vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7... Low Unreviewed
CVE-2020-7322 was published May 24, 2022
An information disclosure vulnerability in B&R GateManager 4260 and 9250 versions <9.0.20262 and... Moderate Unreviewed
CVE-2020-11643 was published May 24, 2022
Brocade Fabric OS versions before Brocade Fabric OS v7.4.2g could allow an authenticated, remote... Moderate Unreviewed
CVE-2020-15370 was published May 24, 2022
cPanel before 88.0.3 has weak permissions (world readable) for the proxy subdomains log file (SEC... High Unreviewed
CVE-2020-26106 was published May 24, 2022
A log information disclosure vulnerability in B&R GateManager 4260 and 9250 versions <9.0.20262... Moderate Unreviewed
CVE-2020-11646 was published May 24, 2022
In support.c in pam_tacplus 1.3.8 through 1.5.1, the TACACS+ shared secret gets logged via syslog... Moderate Unreviewed
CVE-2020-13881 was published May 24, 2022
Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, and 9.3.0.6,... Moderate Unreviewed
CVE-2022-31239 was published Oct 21, 2022
npm CLI exposing sensitive information through logs Moderate
CVE-2020-15095 was published for npm (npm) Jul 7, 2020
An information exposure vulnerability in the logging component of Palo Alto Networks Global... Low Unreviewed
CVE-2020-1987 was published May 24, 2022
A flaw was discovered in ECE before 3.4.0 that might lead to the disclosure of sensitive... Moderate Unreviewed
CVE-2022-23715 was published Aug 26, 2022
An internal product security audit of Lenovo XClarity Administrator (LXCA) discovered Windows OS... Low Unreviewed
CVE-2019-19756 was published May 24, 2022
Cloud Foundry Cloud Controller (CAPI), versions prior to 1.91.0, logs properties of background... Moderate Unreviewed
CVE-2020-5400 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database