Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+

753 advisories

Loading
IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 stores potentially sensitive information in in log... Moderate Unreviewed
CVE-2016-8912 was published May 17, 2022
MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8... High Unreviewed
CVE-2015-8977 was published May 17, 2022
IBM Tivoli Endpoint Manager - Mobile Device Management (MDM) stores potentially sensitive... Low Unreviewed
CVE-2016-0296 was published May 17, 2022
Red Hat Enterprise Virtualization (RHEV) Manager 3.6 allows local users to obtain encryption keys... Moderate Unreviewed
CVE-2016-4443 was published May 17, 2022
IBM BigFix Remote Control before 9.1.3 allows local users to obtain sensitive information by... Low Unreviewed
CVE-2016-2943 was published May 17, 2022
IBM BigFix Remote Control before 9.1.3 allows remote authenticated users to obtain sensitive... Moderate Unreviewed
CVE-2016-2928 was published May 17, 2022
The installation component in IBM Rational Asset Analyzer (RAA) 6.1.0 before FP10 allows local... Moderate Unreviewed
CVE-2016-5967 was published May 17, 2022
The ovirt-engine-provisiondb utility in Red Hat Enterprise Virtualization (RHEV) Engine 4.0... Low Unreviewed
CVE-2016-5432 was published May 17, 2022
OpenStack Glance sensitive information disclosure via logs Moderate
CVE-2014-1948 was published for glance (pip) May 17, 2022
CFME (CloudForms Management Engine) 5: RHN account information is logged to top_output.log during... Moderate Unreviewed
CVE-2014-3536 was published May 17, 2022
All versions of unity-scope-gdrive logs search terms to syslog. Moderate Unreviewed
CVE-2015-1343 was published May 24, 2022
In various firmware versions of Lenovo System x, the integrated management module II (IMM2)'s... High Unreviewed
CVE-2019-6157 was published May 24, 2022
aquaverde Aquarius CMS through 4.3.5 writes POST and GET parameters (including passwords) to a... High Unreviewed
CVE-2019-9734 was published May 24, 2022
aquaverde Aquarius CMS through 4.3.5 allows Information Exposure through Log Files because of an... High Unreviewed
CVE-2019-9724 was published May 24, 2022
ProjectSend before r1070 writes user passwords to the server logs. High Unreviewed
CVE-2019-11492 was published May 24, 2022
An internal product security audit of Lenovo XClarity Administrator (LXCA) discovered HTTP proxy... Moderate Unreviewed
CVE-2019-6158 was published May 24, 2022
Sony Bravia Smart TV devices allow remote attackers to retrieve the static Wi-Fi password (used... High Unreviewed
CVE-2019-11336 was published May 24, 2022
Northern.tech CFEngine Enterprise 3.12.1 has Insecure Permissions. High Unreviewed
CVE-2019-9929 was published May 24, 2022
Cloud Foundry BOSH 267.x versions prior to v267.14.0, and BOSH 270.x versions prior to v270.1.1,... High Unreviewed
CVE-2019-11271 was published May 24, 2022
IBM Robotic Process Automation with Automation Anywhere 11 could allow a local user to obtain... Moderate Unreviewed
CVE-2019-4299 was published May 24, 2022
IBM Robotic Process Automation with Automation Anywhere 11 information disclosure could allow a... Low Unreviewed
CVE-2019-4296 was published May 24, 2022
GitLab CE/EE, versions 8.0 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1,... Moderate Unreviewed
CVE-2018-19583 was published May 24, 2022
Sensitive passwords used in deployment and configuration of oVirt Metrics, all versions. were... Moderate Unreviewed
CVE-2019-10194 was published May 24, 2022
Secret insertion into debug log in Docker High
CVE-2019-13509 was published for github.com/docker/docker (Go) May 24, 2022
joshbressers
The user password via the registration form of TronLink Wallet 2.2.0 is stored in the log when... Moderate Unreviewed
CVE-2019-13098 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database