GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,249
Erlang
31
GitHub Actions
21
Go
2,018
Maven
5,000+
npm
3,723
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
857
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
20 advisories
Filter by severity
The Cognex 3D-A1000 Dimensioning System in firmware version 1.0.3 (3354) and prior is vulnerable...
Moderate
Unreviewed
CVE-2022-1522
was published
Sep 7, 2022
OpenShift Container Platform 4 does not sanitize secret data written to static pod logs when the...
Moderate
Unreviewed
CVE-2019-14854
was published
May 24, 2022
lldptool version 1.0.1 and older can print a raw, unsanitized attacker controlled buffer when...
Moderate
Unreviewed
CVE-2018-10932
was published
May 13, 2022
A CWE-117: Improper Output Neutralization for Logs vulnerability exists that could cause the...
Moderate
Unreviewed
CVE-2023-0595
was published
Feb 24, 2023
Sensitive Data Exposure in Openshift Container Platform
Moderate
Unreviewed
CVE-2019-10213
was published
May 17, 2021
An improper output neutralization for logs in Fortinet FortiWeb 6.2.0 - 6.2.8, 6.3.0 - 6.3.23, 7...
Moderate
Unreviewed
CVE-2023-46713
was published
Dec 13, 2023
OPCUAServerToolkit will write a log message once an OPC UA client has successfully connected...
Moderate
Unreviewed
CVE-2023-7234
was published
Jan 16, 2024
Sending specially crafted commands to a MongoDB Server may result in artificial log entries being...
Moderate
Unreviewed
CVE-2021-20333
was published
May 24, 2022
IBM SOAR QRadar Plugin App 1.0 through 5.0.3 could allow an authenticated user to manipulate...
Moderate
Unreviewed
CVE-2023-38020
was published
Feb 2, 2024
A vulnerability classified as critical has been found in Sichuan Yougou Technology KuERP up to 1...
Moderate
Unreviewed
CVE-2024-0987
was published
Jan 29, 2024
IBM App Connect Enterprise 11.0.0.1 through 11.0.0.23, 12.0.1.0 through 12.0.9.0 and IBM...
Moderate
Unreviewed
CVE-2024-22356
was published
Mar 26, 2024
A vulnerability exists in a FOXMAN-UN and UNEM logging component, it only affects systems that...
Moderate
Unreviewed
CVE-2023-1711
was published
May 30, 2023
SAP NetWeaver AS for Java - versions ENGINEAPI 7.50, SERVERCORE 7.50, J2EE-APPS 7.50, allows an...
Moderate
Unreviewed
CVE-2023-31405
was published
Jul 11, 2023
While using a specific function, SAP ERP Defense Forces and Public Security - versions 600, 603,...
Moderate
Unreviewed
CVE-2023-36924
was published
Jul 11, 2023
A flaw was found in Red Hat AMQ Broker Operator, where it displayed a password defined in...
Moderate
Unreviewed
CVE-2023-4065
was published
Sep 27, 2023
Triangle MicroWorks SCADA Data Gateway Event Log Improper Output Neutralization For Logs...
Moderate
Unreviewed
CVE-2023-39461
was published
May 3, 2024
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 is vulnerable to injection attacks in...
Moderate
Unreviewed
CVE-2023-28952
was published
May 3, 2024
An issue was discovered in Italtel Embrace 1.6.4. The product does not neutralize or incorrectly...
Moderate
Unreviewed
CVE-2024-31845
was published
May 21, 2024
A vulnerability was found in master-nan Sweet-CMS up to 5f441e022b8876f07cde709c77b5be6d2f262e3f....
Moderate
Unreviewed
CVE-2024-8334
was published
Aug 30, 2024
A vulnerability was found in kitsada8621 Digital Library Management System 1.0. It has been...
Moderate
Unreviewed
CVE-2024-8297
was published
Aug 29, 2024
ProTip!
Advisories are also available from the
GraphQL API