Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,342
Erlang
31
GitHub Actions
22
Go
2,106
Maven
5,000+
npm
3,764
NuGet
679
pip
3,451
Pub
12
RubyGems
892
Rust
886
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

361 advisories

Loading
In Octopus Tentacle versions 3.0.8 to 5.0.0, when a web request proxy is configured, an... Moderate Unreviewed
CVE-2019-15508 was published May 24, 2022
An inclusion of sensitive information in log files vulnerability is present in Hickory Smart for... Moderate Unreviewed
CVE-2019-5634 was published May 24, 2022
OSIsoft PI Web API 2018 and prior may allow disclosure of sensitive information. Moderate Unreviewed
CVE-2019-13515 was published May 24, 2022
A vulnerability in the web portal of Cisco Enterprise NFV Infrastructure Software (NFVIS) could... Moderate Unreviewed
CVE-2019-1953 was published May 24, 2022
Swann SWWHD-INTCAM-HD devices leave the PSK in logs after a factory reset. Moderate Unreviewed
CVE-2018-20956 was published May 24, 2022
IBM Cloud Private 2.1.0 , 3.1.0, 3.1.1, and 3.1.2 could allow a local privileged user to obtain... Moderate Unreviewed
CVE-2019-4284 was published May 24, 2022
cPanel before 66.0.2 allows resellers to read other accounts' domain log files (SEC-288). Moderate Unreviewed
CVE-2017-18426 was published May 24, 2022
In cPanel before 57.9999.54, user log files become world-readable when rotated by cpanellogd (SEC... Moderate Unreviewed
CVE-2016-10819 was published May 24, 2022
In Octopus Deploy versions 3.0.19 to 2019.7.2, when a web request proxy is configured, an... Moderate Unreviewed
CVE-2019-14268 was published May 24, 2022
Pivotal Container Services (PKS) versions 1.3.x prior to 1.3.7, and versions 1.4.x prior to 1.4.1... Moderate Unreviewed
CVE-2019-11273 was published May 24, 2022
The user password via the registration form of TronLink Wallet 2.2.0 is stored in the log when... Moderate Unreviewed
CVE-2019-13098 was published May 24, 2022
Sensitive passwords used in deployment and configuration of oVirt Metrics, all versions. were... Moderate Unreviewed
CVE-2019-10194 was published May 24, 2022
GitLab CE/EE, versions 8.0 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1,... Moderate Unreviewed
CVE-2018-19583 was published May 24, 2022
IBM Robotic Process Automation with Automation Anywhere 11 could allow a local user to obtain... Moderate Unreviewed
CVE-2019-4299 was published May 24, 2022
An internal product security audit of Lenovo XClarity Administrator (LXCA) discovered HTTP proxy... Moderate Unreviewed
CVE-2019-6158 was published May 24, 2022
All versions of unity-scope-gdrive logs search terms to syslog. Moderate Unreviewed
CVE-2015-1343 was published May 24, 2022
CFME (CloudForms Management Engine) 5: RHN account information is logged to top_output.log during... Moderate Unreviewed
CVE-2014-3536 was published May 17, 2022
The installation component in IBM Rational Asset Analyzer (RAA) 6.1.0 before FP10 allows local... Moderate Unreviewed
CVE-2016-5967 was published May 17, 2022
IBM BigFix Remote Control before 9.1.3 allows remote authenticated users to obtain sensitive... Moderate Unreviewed
CVE-2016-2928 was published May 17, 2022
Red Hat Enterprise Virtualization (RHEV) Manager 3.6 allows local users to obtain encryption keys... Moderate Unreviewed
CVE-2016-4443 was published May 17, 2022
IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 stores potentially sensitive information in in log... Moderate Unreviewed
CVE-2016-8912 was published May 17, 2022
An issue was discovered on SendQuick Entera and Avera devices before 2HF16. An attacker could... Moderate Unreviewed
CVE-2017-5137 was published May 17, 2022
IBM Cognos Server 10.1.1 and 10.2 stores highly sensitive information in log files that could be... Moderate Unreviewed
CVE-2016-9985 was published May 17, 2022
rsyslog uses weak permissions for generating log files, which allows local users to obtain... Moderate Unreviewed
CVE-2015-3243 was published May 17, 2022
The rend_service_intro_established function in or/rendservice.c in Tor before 0.2.8.15, 0.2.9.x... Moderate Unreviewed
CVE-2017-0380 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database