Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,874 advisories

Loading
codders-dataset Process Table Local Plaintext Credential Disclosure High
CVE-2014-4991 was published for codders-dataset (RubyGems) May 14, 2022
jasnow
Credited to jasnow
backup-agoddard and backup_checksum have Information Exposure vulnerability High
CVE-2014-4993 was published for backup-agoddard (RubyGems) May 14, 2022
point-cli allows local users to obtain sensitive information by listing the process High
CVE-2014-4997 was published for point-cli (RubyGems) May 14, 2022
kajam allows local users to obtain sensitive information by listing the process High
CVE-2014-4999 was published for kajam (RubyGems) May 14, 2022
lean-ruport allows local users to obtain sensitive information by listing the process High
CVE-2014-4998 was published for lean-ruport (RubyGems) May 14, 2022
Cobham Sea Tel 121 build 222701 devices allow remote attackers to obtain potentially sensitive... High Unreviewed
CVE-2018-5266 was published May 14, 2022
An uninitialized pointer information disclosure vulnerability in Trend Micro Mobile Security ... High Unreviewed
CVE-2017-14082 was published May 14, 2022
Apache Geode gfsh authorization vulnerability High
CVE-2017-12622 was published for org.apache.geode:geode-core (Maven) May 14, 2022
An information disclosure vulnerability in the Android framework (clipboardservice). Product:... High Unreviewed
CVE-2017-0846 was published May 14, 2022
An information disclosure vulnerability in the Android media framework (aacdec). Product: Android... High Unreviewed
CVE-2017-13206 was published May 14, 2022
Apache Sling JCR ContentLoader XmlReader Arbitrary File Load High
CVE-2012-3353 was published for org.apache.sling:org.apache.sling.jcr.contentloader (Maven) May 14, 2022
RAVPower FileHub 2.000.056 allows remote users to steal sensitive information via a crafted HTTP... High Unreviewed
CVE-2018-5319 was published May 14, 2022
An issue was discovered in the "Email Subscribers & Newsletters" plugin before 3.4.8 for... High Unreviewed
CVE-2018-6015 was published May 14, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Apache Jasypt High
CVE-2014-9970 was published for org.jasypt:jasypt (Maven) May 14, 2022
IBM TRIRIGA Application Platform before 3.3.2 allows remote attackers to obtain sensitive... High Unreviewed
CVE-2016-0312 was published May 14, 2022
Evergreen before 2.5.9, 2.6.x before 2.6.7, and 2.7.x before 2.7.4 allows remote attackers to... High Unreviewed
CVE-2015-2204 was published May 14, 2022
Arbitrary File Download exists in the Jtag Members Directory 5.3.7 component for Joomla! via the... High Unreviewed
CVE-2018-6008 was published May 14, 2022
A Remote Disclosure of Information vulnerability in HPE Intelligent Management Center (iMC) PLAT... High Unreviewed
CVE-2017-8980 was published May 14, 2022
Hotspot Shield runs a webserver with a static IP address 127.0.0.1 and port 895. The web server... High Unreviewed
CVE-2018-6460 was published May 14, 2022
Cloud Foundry UAA SessionID present in Audit Event Logs High
CVE-2018-1192 was published for org.cloudfoundry.identity:cloudfoundry-identity-server (Maven) May 14, 2022
sunSUNQ
Credited to sunSUNQ
Information Leakage exists in the jLike 1.0 component for Joomla! via a task=getUserByCommentId... High Unreviewed
CVE-2018-6610 was published May 14, 2022
A information disclosure vulnerability in the Android system (ui). Product: Android. Versions: 5... High Unreviewed
CVE-2017-13243 was published May 14, 2022
A information disclosure vulnerability in the Upstream kernel network driver. Product: Android.... High Unreviewed
CVE-2017-13246 was published May 14, 2022
Arbitrary File Read in Saperion Web Client version 7.5.2 83166. High Unreviewed
CVE-2018-6293 was published May 14, 2022
A Local Arbitrary File Download vulnerability in HPE Intelligent Management Center (IMC) version... High Unreviewed
CVE-2017-5795 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database