Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+

753 advisories

Loading
Pivotal Container Services (PKS) versions 1.3.x prior to 1.3.7, and versions 1.4.x prior to 1.4.1... Moderate Unreviewed
CVE-2019-11273 was published May 24, 2022
In Octopus Deploy versions 3.0.19 to 2019.7.2, when a web request proxy is configured, an... Moderate Unreviewed
CVE-2019-14268 was published May 24, 2022
Insertion of Sensitive Information into Log File in Jenkins Configuration as Code Plugin Moderate
CVE-2019-10343 was published for io.jenkins:configuration-as-code (Maven) May 24, 2022
Maven Integration Plugin did not mask sensitive values in module build logs Moderate
CVE-2019-10358 was published for org.jenkins-ci.main:maven-plugin (Maven) May 24, 2022
Plaintext Storage of a Password in Jenkins Configuration as Code Plugin Moderate
CVE-2019-10345 was published for io.jenkins:configuration-as-code (Maven) May 24, 2022
Jenkins Amazon EC2 Plugin leaked beginning of private key in system log Moderate
CVE-2019-10364 was published for org.jenkins-ci.plugins:ec2 (Maven) May 24, 2022
In cPanel before 57.9999.54, user log files become world-readable when rotated by cpanellogd (SEC... Moderate Unreviewed
CVE-2016-10819 was published May 24, 2022
cPanel before 67.9999.103 allows Apache HTTP Server log files to become world-readable because of... Low Unreviewed
CVE-2017-18412 was published May 24, 2022
In cPanel before 66.0.2, domain log files become readable after log processing (SEC-273). Low Unreviewed
CVE-2017-18423 was published May 24, 2022
cPanel before 66.0.2 allows resellers to read other accounts' domain log files (SEC-288). Moderate Unreviewed
CVE-2017-18426 was published May 24, 2022
IBM Cloud Private 2.1.0 , 3.1.0, 3.1.1, and 3.1.2 could allow a local privileged user to obtain... Moderate Unreviewed
CVE-2019-4284 was published May 24, 2022
Insertion of Sensitive Information into Log File in Jenkins Configuration as Code Plugin Moderate
CVE-2019-10367 was published for io.jenkins:configuration-as-code (Maven) May 24, 2022
Insertion of Sensitive Information into Log File in Jenkins Mask Passwords Plugin Moderate
CVE-2019-10370 was published for org.jenkins-ci.plugins:mask-passwords (Maven) May 24, 2022
Swann SWWHD-INTCAM-HD devices leave the PSK in logs after a factory reset. Moderate Unreviewed
CVE-2018-20956 was published May 24, 2022
A vulnerability in the web portal of Cisco Enterprise NFV Infrastructure Software (NFVIS) could... Moderate Unreviewed
CVE-2019-1953 was published May 24, 2022
OSIsoft PI Web API 2018 and prior may allow disclosure of sensitive information. Moderate Unreviewed
CVE-2019-13515 was published May 24, 2022
An inclusion of sensitive information in log files vulnerability is present in Hickory Smart for... Moderate Unreviewed
CVE-2019-5634 was published May 24, 2022
In Octopus Deploy versions 2018.8.4 to 2019.7.6, when a web request proxy is configured, an... Moderate Unreviewed
CVE-2019-15507 was published May 24, 2022
In Octopus Tentacle versions 3.0.8 to 5.0.0, when a web request proxy is configured, an... Moderate Unreviewed
CVE-2019-15508 was published May 24, 2022
An issue was discovered in Gallagher Command Centre 8.10 before 8.10.1092(MR2). Upon an upgrade,... Critical Unreviewed
CVE-2019-15294 was published May 24, 2022
Kubernetes client-go library logs may disclose credentials to unauthorized users Moderate
CVE-2019-11250 was published for k8s.io/client-go (Go) May 24, 2022
On version 1.9.0, If DEBUG logging is enable, F5 Container Ingress Service (CIS) for Kubernetes... Moderate Unreviewed
CVE-2019-6648 was published May 24, 2022
VMware vCenter Server (6.7.x prior to 6.7 U3, 6.5 prior to 6.5 U3 and 6.0 prior to 6.0 U3j)... High Unreviewed
CVE-2019-5532 was published May 24, 2022
BIG-IP APM Edge Client before version 7.1.8 (7180.2019.508.705) logs the full apm session ID in... High Unreviewed
CVE-2019-6656 was published May 24, 2022
In the proc filesystem, there is a possible information disclosure due to log information... Low Unreviewed
CVE-2019-9277 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database