Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

767 advisories

Loading
Information Exposure vulnerability in Samsung Account prior to version 12.1.1.3 allows physically... Low Unreviewed
CVE-2021-25350 was published May 24, 2022
A flaw was found in several ansible modules, where parameters containing credentials, such as... Unknown Unreviewed
CVE-2021-3447 was published May 24, 2022
An issue was discovered in Devolutions Server before 2020.3. There is an exposure of sensitive... High Unreviewed
CVE-2021-23924 was published May 24, 2022
A clear text storage of sensitive information into log file vulnerability in FortiADCManager 5.3... Moderate Unreviewed
CVE-2021-24024 was published May 24, 2022
An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS... Moderate Unreviewed
CVE-2021-3036 was published May 24, 2022
An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS... Low Unreviewed
CVE-2021-3037 was published May 24, 2022
Automox Agent prior to version 31 logs potentially sensitive information in local log files,... Low Unreviewed
CVE-2021-26908 was published May 24, 2022
IBM Spectrum Protect Plus File Systems Agent 10.1.6 and 10.1.7 stores potentially sensitive... Moderate Unreviewed
CVE-2021-20536 was published May 24, 2022
Vault GitHub Action did not correctly mask multi-line secrets in output High
CVE-2021-32074 was published for hashicorp/vault-action (GitHub Actions) May 24, 2022
tdunlap607 Gentoli
A flaw was found in noobaa-operator in versions before 5.7.0, where internal RPC AuthTokens... Critical Unreviewed
CVE-2021-3528 was published May 24, 2022
BMC Remedy Mid Tier 9.1SP3 is affected by log hijacking. Remote logging can be accessed by... Moderate Unreviewed
CVE-2017-17675 was published May 24, 2022
A flaw was found in the AMQ Broker that discloses JDBC encrypted usernames and passwords when... Moderate Unreviewed
CVE-2021-3425 was published May 24, 2022
Insertion of Sensitive Information into Log File vulnerability in Micro Focus Secure API Manager ... High Unreviewed
CVE-2021-22516 was published May 24, 2022
GitLab CE/EE since version 9.5 allows a high privilege user to obtain sensitive information from... Moderate Unreviewed
CVE-2021-22219 was published May 24, 2022
Dell EMC NetWorker, 18.x, 19.1.x, 19.2.x 19.3.x, 19.4 and 19.4.0.1, contains an Information... Moderate Unreviewed
CVE-2021-21558 was published May 24, 2022
An information exposure through log file vulnerability exists in the Palo Alto Networks Prisma... Moderate Unreviewed
CVE-2021-3039 was published May 24, 2022
Improper log management vulnerability in Watch Active2 PlugIn prior to 2.2.08.21033151 version... Moderate Unreviewed
CVE-2021-25423 was published May 24, 2022
Improper log management vulnerability in Watch Active PlugIn prior to version 2.2.07.21033151... Moderate Unreviewed
CVE-2021-25422 was published May 24, 2022
Improper log management vulnerability in Galaxy Watch3 PlugIn prior to version 2.2.09.21033151... Moderate Unreviewed
CVE-2021-25421 was published May 24, 2022
Improper log management vulnerability in Galaxy Watch PlugIn prior to version 2.2.05.21033151... Moderate Unreviewed
CVE-2021-25420 was published May 24, 2022
In sspRequestCallback of BondStateMachine.java, there is a possible leak of Bluetooth MAC... Moderate Unreviewed
CVE-2021-0549 was published May 24, 2022
IBM App Connect Enterprise Certified Container 1.0, 1.1, 1.2, and 1.3 could allow a privileged... Low Unreviewed
CVE-2021-29759 was published May 24, 2022
myFax version 229 logs sensitive information in the export log module which allows any user to... Moderate Unreviewed
CVE-2020-24038 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Business Process... Moderate Unreviewed
CVE-2021-1576 was published May 24, 2022
iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A locally authenticated... Moderate Unreviewed
CVE-2021-34689 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database