GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+
767 advisories
Filter by severity
Exposure of Sensitive Information in Gradle publish plugin
Moderate
CVE-2020-7599
was published
for
com.gradle.plugin-publish:com.gradle.plugin-publish.gradle.plugin
(Maven)
May 24, 2022
An information exposure vulnerability in the logging component of Palo Alto Networks Global...
Low
Unreviewed
CVE-2020-1987
was published
May 24, 2022
In the web-panel in IQrouter through 3.3.1, remote attackers can read system logs because of...
Moderate
Unreviewed
CVE-2020-11968
was published
May 24, 2022
Keycloak leaks sensitive information in logged exceptions
Moderate
CVE-2020-1698
was published
for
org.keycloak:keycloak-core
(Maven)
May 24, 2022
A vulnerability in the audit logging component of Cisco Digital Network Architecture (DNA) Center...
High
Unreviewed
CVE-2020-3281
was published
May 24, 2022
In support.c in pam_tacplus 1.3.8 through 1.5.1, the TACACS+ shared secret gets logged via syslog...
Moderate
Unreviewed
CVE-2020-13881
was published
May 24, 2022
Information Disclosure Vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7...
Low
Unreviewed
CVE-2020-7322
was published
May 24, 2022
Brocade Fabric OS versions before Brocade Fabric OS v7.4.2g could allow an authenticated, remote...
Moderate
Unreviewed
CVE-2020-15370
was published
May 24, 2022
cPanel before 88.0.3 has weak permissions (world readable) for the proxy subdomains log file (SEC...
High
Unreviewed
CVE-2020-26106
was published
May 24, 2022
An information disclosure vulnerability in B&R GateManager 4260 and 9250 versions <9.0.20262 and...
Moderate
Unreviewed
CVE-2020-11643
was published
May 24, 2022
A log information disclosure vulnerability in B&R GateManager 4260 and 9250 versions <9.0.20262...
Moderate
Unreviewed
CVE-2020-11646
was published
May 24, 2022
An information exposure through log file vulnerability exists where the password for the...
Low
Unreviewed
CVE-2020-2048
was published
May 24, 2022
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5...
Moderate
Unreviewed
CVE-2020-4671
was published
May 24, 2022
Heketi logs sensitive information
Moderate
CVE-2020-10763
was published
for
github.com/heketi/heketi
(Go)
May 24, 2022
An information-disclosure flaw was found in the way that gluster-block before 0.5.1 logs the...
Moderate
Unreviewed
CVE-2020-10762
was published
May 24, 2022
IBM Business Automation Workflow 19.0.0.3 stores potentially sensitive information in log files...
Moderate
Unreviewed
CVE-2020-4900
was published
May 24, 2022
The easy-wp-smtp plugin before 1.4.4 for WordPress allows Administrator account takeover, as...
High
Unreviewed
CVE-2020-35234
was published
May 24, 2022
In onNotificationRemoved of Assistant.java, there is a possible leak of sensitive information to...
Moderate
Unreviewed
CVE-2020-0476
was published
May 24, 2022
Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.0.4.0.5.012 contain a plain-text...
Moderate
Unreviewed
CVE-2020-26199
was published
May 24, 2022
A vulnerability in the audit logging component of Cisco Unified Communications Manager, Cisco...
Moderate
Unreviewed
CVE-2021-1226
was published
May 24, 2022
IBM Cloud Pak for Automation 20.0.3, 20.0.2-IF002 - Business Automation Application Designer...
Moderate
Unreviewed
CVE-2021-20359
was published
May 24, 2022
Insertion of Sensitive Information into Log File in Elasticsearch
Moderate
CVE-2020-7021
was published
for
org.elasticsearch:elasticsearch
(Maven)
May 24, 2022
Under certain conditions, Teradici PCoIP Agents for Windows prior to version 20.10.0 and Teradici...
Moderate
Unreviewed
CVE-2021-25688
was published
May 24, 2022
There is an information leakage vulnerability in some huawei products. Due to the properly...
Moderate
Unreviewed
CVE-2021-22310
was published
May 24, 2022
A vulnerability in a diagnostic command for the Plug-and-Play (PnP) subsystem of Cisco IOS XE...
High
Unreviewed
CVE-2021-1442
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API