Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,035
Maven
5,000+
npm
3,732
NuGet
662
pip
3,413
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+

310 advisories

Loading
An issue was discovered in SmartFoxServer 2.17.0. Cleartext password disclosure can occur via ... Moderate Unreviewed
CVE-2021-26550 was published May 24, 2022
IBM Cloud Pak for Automation 20.0.3, 20.0.2-IF002 stores potentially sensitive information in... Moderate Unreviewed
CVE-2021-20358 was published May 24, 2022
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 and 6.0.0.0 through 6.0.3.1... Moderate Unreviewed
CVE-2019-4738 was published May 24, 2022
A vulnerability in the configuration archive functionality of Cisco DNA Center could allow any... Moderate Unreviewed
CVE-2021-1265 was published May 24, 2022
IBM Security Verify Information Queue 1.0.6 and 1.0.7 could disclose highly sensitive information... Moderate Unreviewed
CVE-2021-20408 was published May 24, 2022
IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR1 FP10, 7 R1 before... Moderate Unreviewed
CVE-2015-1931 was published Sep 30, 2022
There is an information leak vulnerability in eCNS280_TD versions V100R005C00 and V100R005C10. A... Moderate Unreviewed
CVE-2021-22300 was published May 24, 2022
NCH Express Accounts 8.24 and earlier allows local users to discover the cleartext password by... Moderate Unreviewed
CVE-2020-13473 was published May 24, 2022
IBM Security Secret Server 10.6 stores potentially sensitive information in config files that... Moderate Unreviewed
CVE-2020-4843 was published May 24, 2022
IBM Security Guardium Data Encryption (GDE) 3.0.0.2 stores sensitive information in URL... Moderate Unreviewed
CVE-2019-4687 was published May 24, 2022
GigaVUE-OS (GVOS) 5.4 - 5.9 stores a Redis database password in plaintext. Moderate Unreviewed
CVE-2020-23249 was published May 24, 2022
Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.0.4.0.5.012 contains a plain-text... Moderate Unreviewed
CVE-2020-29489 was published May 24, 2022
Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage... Moderate Unreviewed
CVE-2020-29502 was published May 24, 2022
Ceph-ansible 4.0.34.1 creates /etc/ceph/iscsi-gateway.conf with insecure default permissions,... Moderate Unreviewed
CVE-2020-25677 was published May 24, 2022
Unprotected Storage of Credentials vulnerability in BASETech GE-131 BT-1837836 firmware 20180921... Moderate Unreviewed
CVE-2020-27557 was published May 24, 2022
The implementation of Brave Desktop's privacy-preserving analytics system (P3A) between 1.1 and 1... Moderate Unreviewed
CVE-2020-8276 was published May 24, 2022
An issue was discovered in the view_statistics (aka View frontend statistics) extension before 2... Moderate Unreviewed
CVE-2020-28917 was published May 24, 2022
Baxter ExactaMix EM 2400 Versions 1.10, 1.11 and ExactaMix EM1200 Versions 1.1, 1.2 systems store... Moderate Unreviewed
CVE-2020-12032 was published May 24, 2022
An issue was discovered in the stashcat app through 3.9.2 for macOS, Windows, Android, iOS, and... Moderate Unreviewed
CVE-2020-13637 was published May 24, 2022
A cleartext storage in a file or on disk (CWE-313) vulnerability in FortiOS SSL VPN 6.2.2 and... Moderate Unreviewed
CVE-2019-17655 was published May 24, 2022
In Rukovoditel 2.5.2, users' passwords and usernames are stored in a cookie with URL encoding,... Moderate Unreviewed
CVE-2020-11821 was published May 24, 2022
In JetBrains PyCharm 2019.2.5 and 2019.3 on Windows, Apple Notarization Service credentials were... Moderate Unreviewed
CVE-2020-11694 was published May 24, 2022
A command injection vulnerability in the web interface of the Zyxel NWA-1100-NH firmware could... Moderate Unreviewed
CVE-2021-35036 was published Mar 2, 2022
If a user saved passwords before Thunderbird 60 and then later set a master password, an... Moderate Unreviewed
CVE-2020-6794 was published May 24, 2022
Moxa ioLogik 2542-HSPA Series Controllers and IOs, and IOxpress Configuration Utility ioLogik... Moderate Unreviewed
CVE-2019-18238 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database