Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+

751 advisories

Loading
An information disclosure in ovirt-hosted-engine-setup prior to 2.2.7 reveals the root user's... High Unreviewed
CVE-2018-1000018 was published May 13, 2022
Juniper Networks CSO versions prior to 4.0.0 may log passwords in log files leading to an... Critical Unreviewed
CVE-2018-0042 was published May 13, 2022
Password exposure in Cognito Software Moneyworks 8.0.3 and earlier allows attackers to gain... Critical Unreviewed
CVE-2017-9615 was published May 13, 2022
An issue was discovered in Pivotal PCF Elastic Runtime 1.6.x versions prior to 1.6.65, 1.7.x... Critical Unreviewed
CVE-2017-4955 was published May 13, 2022
In the IMM2 firmware of Lenovo System x servers, remote commands issued by LXCA or other... Moderate Unreviewed
CVE-2017-3744 was published May 13, 2022
Before Thornberry NDoc version 8.0, laptop clients and the server have default database (Cache)... Critical Unreviewed
CVE-2017-15366 was published May 13, 2022
An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android. The login... Moderate Unreviewed
CVE-2017-11134 was published May 13, 2022
ovirt-engine Logs Plaintext Passwords To File Moderate
CVE-2017-15113 was published for org.ovirt.engine.sdk:ovirt-engine-sdk-java (Maven) May 13, 2022 withdrawn
IBM BigFix Compliance 1.7 through 1.9.91 (TEMA SUAv1 SCA SCM) stores sensitive information in URL... Moderate Unreviewed
CVE-2017-1198 was published May 13, 2022
IBM Security Access Manager Appliance 8.0.0 through 8.0.1.6, and 9.0.0 through 9.0.3.1 stores... Moderate Unreviewed
CVE-2017-1480 was published May 13, 2022
IBM QRadar 7.3 stores potentially sensitive information in log files that could be read by a... Low Unreviewed
CVE-2017-1733 was published May 13, 2022
IBM WebSphere MQ 7.5, 8.0, and 9.0 through 9.0.4 could allow a local user to obtain highly... Moderate Unreviewed
CVE-2017-1795 was published May 13, 2022
A vulnerability in the AutoVNF tool for the Cisco Ultra Services Framework could allow an... Critical Unreviewed
CVE-2017-6709 was published May 13, 2022
In the JDBC driver of NetIQ Identity Manager before 4.6 sending out incorrect XML configurations... Critical Unreviewed
CVE-2017-7434 was published May 13, 2022
The NetIQ Identity Manager Oracle EBS driver before 4.0.2.0 sent EBS logs containing the driver... Critical Unreviewed
CVE-2017-9278 was published May 13, 2022
A vulnerability in the web portal authentication process of Cisco Prime Collaboration... High Unreviewed
CVE-2018-0335 was published May 13, 2022
Moodle sensitive information disclosure Moderate
CVE-2018-10889 was published for moodle/moodle (Composer) May 13, 2022
Pivotal Container Service, versions prior to 1.2.0, contains an information disclosure... High Unreviewed
CVE-2018-15763 was published May 13, 2022
Envoy Passport for Android and Envoy Passport for iPhone could allow a local attacker to obtain... Moderate Unreviewed
CVE-2018-17499 was published May 13, 2022
Circontrol CirCarLife all versions prior to 4.3.1, the PAP credentials of the device are stored... Critical Unreviewed
CVE-2018-17922 was published May 13, 2022
Drager Infinity Delta, Infinity Delta, all versions, Delta XL, all versions, Kappa, all version,... Moderate Unreviewed
CVE-2018-19014 was published May 13, 2022
ovirt-engine before version ovirt 4.2.2 is vulnerable to an information exposure through log... Critical Unreviewed
CVE-2018-1072 was published May 13, 2022
ovirt-engine up to version 4.2.3 is vulnerable to an unfiltered password when choosing manual db... High Unreviewed
CVE-2018-1075 was published May 13, 2022
Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3,... High Unreviewed
CVE-2018-1241 was published May 13, 2022
Cloud Foundry Log Cache, versions prior to 1.1.1, logs its UAA client secret on startup as part... Critical Unreviewed
CVE-2018-1264 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database