Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,992
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,056
Pub
12
RubyGems
955
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

9,963 advisories

Loading
Exposure of Sensitive Information to an Unauthorized Actor and Insertion of Sensitive Information Into Sent Data in Calico Moderate
CVE-2020-13597 was published for github.com/projectcalico/calico (Go) Feb 15, 2022
richardfan0606 luhring
Credited to richardfan0606 and luhring
Hashicorp Nomad Information Exposure Through Environmental Variables Moderate
CVE-2019-14802 was published for github.com/hashicorp/nomad (Go) Feb 15, 2022
tdunlap607
Credited to tdunlap607
Exposure of Sensitive Information to an Unauthorized Actor in Apache Guacamole Moderate Unreviewed
CVE-2021-41767 was published Feb 15, 2022
Exposure of server configuration in github.com/go-vela/server High
CVE-2020-26294 was published for github.com/go-vela/compiler (Go) Feb 15, 2022
matt-fevold wass3r
Credited to matt-fevold and wass3r
The Futurio Extra WordPress plugin before 1.6.3 allowed any logged in user, even a subscriber,... Moderate Unreviewed
CVE-2021-25110 was published Feb 15, 2022
Exposure of Sensitive Information in snipe/snipe-it Moderate
CVE-2022-0569 was published for snipe/snipe-it (Composer) Feb 15, 2022
Exposure of Sensitive Information to an Unauthorized Actor in pimcore Moderate
CVE-2022-0565 was published for pimcore/pimcore (Composer) Feb 15, 2022
** UNSUPPORTED WHEN ASSIGNED ** Emerson Dixell XWEB-500 products are affected by information... High Unreviewed
CVE-2021-45421 was published Feb 15, 2022
** UNSUPPORTED WHEN ASSIGNED ** Emerson Dixell XWEB-500 products are affected by arbitrary file... Critical Unreviewed
CVE-2021-45420 was published Feb 15, 2022
A CWE-200: Information Exposure vulnerability exists that could cause sensitive information of... High Unreviewed
CVE-2021-22785 was published Feb 12, 2022
Puma used with Rails may lead to Information Exposure High
CVE-2022-23634 was published for puma (RubyGems) Feb 11, 2022
byroot
Credited to byroot
Exposure of information in Action Pack High
CVE-2022-23633 was published for actionpack (RubyGems) Feb 11, 2022
byroot
Credited to byroot
An Information Disclosure vulnerability for JT files in Autodesk Inventor 2022, 2021, 2020, 2019... High Unreviewed
CVE-2021-40159 was published Feb 11, 2022
Exposure of Sensitive Information to an Unauthorized Actor in firmware for some Intel(R) PROSet... Moderate Unreviewed
CVE-2021-0166 was published Feb 11, 2022
Exposure of Sensitive Information to an Unauthorized Actor in firmware for some Intel(R) PROSet... Moderate Unreviewed
CVE-2021-0170 was published Feb 11, 2022
SAP Adaptive Server Enterprise (ASE) - version 16.0, installation makes an entry in the system... High Unreviewed
CVE-2022-22528 was published Feb 11, 2022
A high privileged user who has access to transaction SM59 can read connection details stored with... Moderate Unreviewed
CVE-2022-22545 was published Feb 11, 2022
S/4HANA Supplier Factsheet exposes the private address and bank details of an Employee Business... Moderate Unreviewed
CVE-2022-22542 was published Feb 11, 2022
The Keybase Clients for macOS and Windows before version 5.9.0 fails to properly remove exploded... Moderate Unreviewed
CVE-2022-22779 was published Feb 11, 2022
A vulnerability in the audit log of Cisco DNA Center could allow an authenticated, local attacker... Moderate Unreviewed
CVE-2022-20630 was published Feb 11, 2022
A vulnerability in the web-based management interface of Cisco Prime Service Catalog could allow... Moderate Unreviewed
CVE-2022-20680 was published Feb 11, 2022
An information exposure vulnerability exists in the Palo Alto Networks GlobalProtect app on... Moderate Unreviewed
CVE-2022-0018 was published Feb 11, 2022
Insecure template handling in Express-handlebars High
CVE-2021-32820 was published for express-handlebars (npm) Feb 10, 2022
Apache CXF JMX Integration is vulnerable to a MITM attack Moderate
CVE-2020-1954 was published for org.apache.cxf:cxf-rt-management (Maven) Feb 10, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Concord High
CVE-2020-10591 was published for com.walmartlabs.concord:concord-common (Maven) Feb 10, 2022
binary-1024
Credited to binary-1024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database