GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,259
Composer 4,354
Erlang 31
GitHub Actions 22
Go 2,120
Maven 5,293
npm 3,779
NuGet 681
pip 3,460
Pub 12
RubyGems 892
Rust 888
Swift 38

Unreviewed advisories

All unreviewed 243,840

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

464 advisories

Filter by severity

Sort by

Least recently updated

When using the cd4pe::root_configuration task to configure a Continuous Delivery for PE... Moderate Unreviewed

CVE-2019-10695 was published May 24, 2022

CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.864 allows an attacker to get a victim's... Moderate Unreviewed

CVE-2019-15235 was published May 24, 2022

CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.856 through 0.9.8.864 allows an attacker to... Moderate Unreviewed

CVE-2019-14782 was published May 24, 2022

OpenShift Container Platform 4 does not sanitize secret data written to static pod logs when the... Moderate Unreviewed

CVE-2019-14854 was published May 24, 2022

A flaw was found in the JBoss EAP Vault system in all versions before 7.2.6.GA. Confidential... Moderate Unreviewed

CVE-2019-14885 was published May 24, 2022

Brocade Fabric OS Versions before v8.2.2a and v8.2.1d could expose the credentials of the remote... Moderate Unreviewed

CVE-2019-16203 was published May 24, 2022

Brocade Fabric OS Versions before v7.4.2f, v8.2.2a, v8.1.2j and v8.2.1d could expose external... Moderate Unreviewed

CVE-2019-16204 was published May 24, 2022

Cloud Foundry Cloud Controller (CAPI), versions prior to 1.91.0, logs properties of background... Moderate Unreviewed

CVE-2020-5400 was published May 24, 2022

Exposure of Sensitive Information in Gradle publish plugin Moderate

CVE-2020-7599 was published for com.gradle.plugin-publish:com.gradle.plugin-publish.gradle.plugin (Maven) May 24, 2022

In the web-panel in IQrouter through 3.3.1, remote attackers can read system logs because of... Moderate Unreviewed

CVE-2020-11968 was published May 24, 2022

Keycloak leaks sensitive information in logged exceptions Moderate

CVE-2020-1698 was published for org.keycloak:keycloak-core (Maven) May 24, 2022

In support.c in pam_tacplus 1.3.8 through 1.5.1, the TACACS+ shared secret gets logged via syslog... Moderate Unreviewed

CVE-2020-13881 was published May 24, 2022

Brocade Fabric OS versions before Brocade Fabric OS v7.4.2g could allow an authenticated, remote... Moderate Unreviewed

CVE-2020-15370 was published May 24, 2022

An information disclosure vulnerability in B&R GateManager 4260 and 9250 versions <9.0.20262 and... Moderate Unreviewed

CVE-2020-11643 was published May 24, 2022

A log information disclosure vulnerability in B&R GateManager 4260 and 9250 versions <9.0.20262... Moderate Unreviewed

CVE-2020-11646 was published May 24, 2022

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5... Moderate Unreviewed

CVE-2020-4671 was published May 24, 2022

An information-disclosure flaw was found in the way that gluster-block before 0.5.1 logs the... Moderate Unreviewed

CVE-2020-10762 was published May 24, 2022

Heketi logs sensitive information Moderate

CVE-2020-10763 was published for github.com/heketi/heketi (Go) May 24, 2022

IBM Business Automation Workflow 19.0.0.3 stores potentially sensitive information in log files... Moderate Unreviewed

CVE-2020-4900 was published May 24, 2022

In onNotificationRemoved of Assistant.java, there is a possible leak of sensitive information to... Moderate Unreviewed

CVE-2020-0476 was published May 24, 2022

Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.0.4.0.5.012 contain a plain-text... Moderate Unreviewed

CVE-2020-26199 was published May 24, 2022

A vulnerability in the audit logging component of Cisco Unified Communications Manager, Cisco... Moderate Unreviewed

CVE-2021-1226 was published May 24, 2022

IBM Cloud Pak for Automation 20.0.3, 20.0.2-IF002 - Business Automation Application Designer... Moderate Unreviewed

CVE-2021-20359 was published May 24, 2022

Insertion of Sensitive Information into Log File in Elasticsearch Moderate

CVE-2020-7021 was published for org.elasticsearch:elasticsearch (Maven) May 24, 2022

Under certain conditions, Teradici PCoIP Agents for Windows prior to version 20.10.0 and Teradici... Moderate Unreviewed

CVE-2021-25688 was published May 24, 2022

Previous 1 2 3 4 5 6 7 8 … 18 19 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

464 advisories