Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,087
Maven
5,000+
npm
3,751
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

356 advisories

Loading
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5... Moderate Unreviewed
CVE-2020-4671 was published May 24, 2022
A log information disclosure vulnerability in B&R GateManager 4260 and 9250 versions <9.0.20262... Moderate Unreviewed
CVE-2020-11646 was published May 24, 2022
An information disclosure vulnerability in B&R GateManager 4260 and 9250 versions <9.0.20262 and... Moderate Unreviewed
CVE-2020-11643 was published May 24, 2022
Brocade Fabric OS versions before Brocade Fabric OS v7.4.2g could allow an authenticated, remote... Moderate Unreviewed
CVE-2020-15370 was published May 24, 2022
In support.c in pam_tacplus 1.3.8 through 1.5.1, the TACACS+ shared secret gets logged via syslog... Moderate Unreviewed
CVE-2020-13881 was published May 24, 2022
In the web-panel in IQrouter through 3.3.1, remote attackers can read system logs because of... Moderate Unreviewed
CVE-2020-11968 was published May 24, 2022
Cloud Foundry Cloud Controller (CAPI), versions prior to 1.91.0, logs properties of background... Moderate Unreviewed
CVE-2020-5400 was published May 24, 2022
Brocade Fabric OS Versions before v8.2.2a and v8.2.1d could expose the credentials of the remote... Moderate Unreviewed
CVE-2019-16203 was published May 24, 2022
Brocade Fabric OS Versions before v7.4.2f, v8.2.2a, v8.1.2j and v8.2.1d could expose external... Moderate Unreviewed
CVE-2019-16204 was published May 24, 2022
A flaw was found in the JBoss EAP Vault system in all versions before 7.2.6.GA. Confidential... Moderate Unreviewed
CVE-2019-14885 was published May 24, 2022
OpenShift Container Platform 4 does not sanitize secret data written to static pod logs when the... Moderate Unreviewed
CVE-2019-14854 was published May 24, 2022
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.856 through 0.9.8.864 allows an attacker to... Moderate Unreviewed
CVE-2019-14782 was published May 24, 2022
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.864 allows an attacker to get a victim's... Moderate Unreviewed
CVE-2019-15235 was published May 24, 2022
When using the cd4pe::root_configuration task to configure a Continuous Delivery for PE... Moderate Unreviewed
CVE-2019-10695 was published May 24, 2022
Brocade SANnav versions before v2.0, logs plain text database connection password while... Moderate Unreviewed
CVE-2019-16210 was published May 24, 2022
IBM FileNet Content Manager 5.5.2 and 5.5.3 in specific configurations, could log the web service... Moderate Unreviewed
CVE-2019-4572 was published May 24, 2022
Under certain conditions, SAP Landscape Management enterprise edition, before version 3.0, allows... Moderate Unreviewed
CVE-2019-0380 was published May 24, 2022
EnterpriseDT CompleteFTP Server prior to version 12.1.3 is vulnerable to information exposure in... Moderate Unreviewed
CVE-2019-16116 was published May 24, 2022
On version 1.9.0, If DEBUG logging is enable, F5 Container Ingress Service (CIS) for Kubernetes... Moderate Unreviewed
CVE-2019-6648 was published May 24, 2022
In Octopus Deploy versions 2018.8.4 to 2019.7.6, when a web request proxy is configured, an... Moderate Unreviewed
CVE-2019-15507 was published May 24, 2022
In Octopus Tentacle versions 3.0.8 to 5.0.0, when a web request proxy is configured, an... Moderate Unreviewed
CVE-2019-15508 was published May 24, 2022
An inclusion of sensitive information in log files vulnerability is present in Hickory Smart for... Moderate Unreviewed
CVE-2019-5634 was published May 24, 2022
OSIsoft PI Web API 2018 and prior may allow disclosure of sensitive information. Moderate Unreviewed
CVE-2019-13515 was published May 24, 2022
A vulnerability in the web portal of Cisco Enterprise NFV Infrastructure Software (NFVIS) could... Moderate Unreviewed
CVE-2019-1953 was published May 24, 2022
Swann SWWHD-INTCAM-HD devices leave the PSK in logs after a factory reset. Moderate Unreviewed
CVE-2018-20956 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database