Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+

753 advisories

Loading
On Juniper ATP, the API key and the device key are logged in a file readable by authenticated... Moderate Unreviewed
CVE-2019-0004 was published May 13, 2022
A password management issue exists where the Organization authentication username and password... High Unreviewed
CVE-2019-0032 was published May 13, 2022
A sensitive data disclosure flaw was found in the Elasticsearch repository-azure (formerly... High Unreviewed
CVE-2018-3827 was published May 13, 2022
Cloud Foundry NFS volume release, 1.2.x prior to 1.2.5, 1.5.x prior to 1.5.4, 1.7.x prior to 1.7... High Unreviewed
CVE-2018-15797 was published May 13, 2022
In System Management Module (SMM) versions prior to 1.06, the SMM records hashed passwords to a... Moderate Unreviewed
CVE-2018-16095 was published May 13, 2022
** DISPUTED ** An issue was discovered in SecurEnvoy SecurAccess 9.3.502. When put in Debug mode... High Unreviewed
CVE-2018-18466 was published May 13, 2022
A plain keystore password is written to a system log file in SAP HANA Extended Application... Moderate Unreviewed
CVE-2018-2372 was published May 13, 2022
The aoedisk_debugfs_show function in drivers/block/aoe/aoeblk.c in the Linux kernel through 4.16... Moderate Unreviewed
CVE-2018-7754 was published May 13, 2022
Juniper ATP Series Splunk credentials are logged in a file readable by authenticated local users.... High Unreviewed
CVE-2019-0029 was published May 13, 2022
Under certain conditions SAP HANA Extended Application Services, version 1.0, advanced model (XS... High Unreviewed
CVE-2019-0266 was published May 13, 2022
RSA Archer versions, prior to 6.5 SP1, contain an information exposure vulnerability. Users'... Moderate Unreviewed
CVE-2019-3715 was published May 13, 2022
RSA Archer versions, prior to 6.5 SP2, contain an information exposure vulnerability. The... High Unreviewed
CVE-2019-3716 was published May 13, 2022
The Boa server configuration on DASAN H660RM devices with firmware 1.03-0022 logs POST data to... High Unreviewed
CVE-2019-9976 was published May 13, 2022
Cloud Foundry Container Runtime (kubo-release), versions prior to 0.14.0, may leak UAA and... High Unreviewed
CVE-2018-1223 was published May 13, 2022
An issue was discovered in EMC ScaleIO 2.0.1.x. In a Linux environment, one of the support... High Unreviewed
CVE-2017-8001 was published May 13, 2022
Mediawiki information disclosure vulnerability Moderate
CVE-2018-0504 was published for mediawiki/core (Composer) May 13, 2022
API Connect V2018.1 through 2018.4.1.1 is impacted by access token leak. Authorization tokens in... Critical Unreviewed
CVE-2019-4008 was published May 13, 2022
On Juniper ATP, secret passphrase CLI inputs, such as "set mcm", are logged to /var/log/syslog in... Moderate Unreviewed
CVE-2019-0021 was published May 13, 2022
Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 contain an information exposure... High Unreviewed
CVE-2018-3828 was published May 13, 2022
Improper input validator in Nextcloud Server prior to 12.0.3 and 11.0.5 could lead to an attacker... Moderate Unreviewed
CVE-2018-3776 was published May 13, 2022
A vulnerability in the Trend Micro InterScan Messaging Security Virtual Appliance 9.0 and 9.1... High Unreviewed
CVE-2018-3609 was published May 13, 2022
IBM Robotic Process Automation with Automation Anywhere 11 could under certain cases, display the... Moderate Unreviewed
CVE-2018-1876 was published May 13, 2022
IBM Spectrum Protect Server 7.1 and 8.1 could disclose highly sensitive information via trace... Moderate Unreviewed
CVE-2018-1788 was published May 13, 2022
IBM Spectrum Protect Plus 10.1.0 and 10.1.1 could disclose sensitive information when an... High Unreviewed
CVE-2018-1768 was published May 13, 2022
The NetIQ Identity Manager driver log file, in versions prior to 4.7, provides details that could... Moderate Unreviewed
CVE-2018-1350 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database