GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
310 advisories
IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI displays user...
Moderate | Unreviewed | CVE-2021-29904 was published May 24, 2022

IBM Data Risk Manager 2.0.6 stores user credentials in plain clear text which can be read by an...
Moderate | Unreviewed | CVE-2021-38915 was published May 24, 2022

IBM Security Risk Manager on CP4S 1.7.0.0 stores user credentials in plain clear text which can...
Moderate | Unreviewed | CVE-2021-38911 was published May 24, 2022

A cleartext storage of sensitive information in GUI in FortiADC versions 5.4.3 and below, 6.0.0...
Moderate | Unreviewed | CVE-2020-15935 was published May 24, 2022

IBM Jazz Team Server products stores user credentials in clear text which can be read by an...
Moderate | Unreviewed | CVE-2021-29786 was published May 24, 2022

A unprotected storage of credentials in Fortinet FortiSIEM Windows Agent version 4.1.4 and below...
Moderate | Unreviewed | CVE-2021-41023 was published May 24, 2022

IBM MQ 7.5, 8.0, 9.0 LTS, 9.1 CD, and 9.1 LTS stores user credentials in plain clear text which...
Moderate | Unreviewed | CVE-2021-38949 was published May 24, 2022

A vulnerability of storing sensitive information insecurely in Property Settings prior to SMR Nov...
Moderate | Unreviewed | CVE-2021-25502 was published May 24, 2022

A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.12). The...
Moderate | Unreviewed | CVE-2020-10053 was published May 24, 2022

Secom Co. Dr.ID, a Door Access Control and Personnel Attendance Management system, stores users’...
Moderate | Unreviewed | CVE-2020-3935 was published May 24, 2022

"IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, 19.0.0.3, 20...
Moderate | Unreviewed | CVE-2022-35279 was published Nov 4, 2022

The vCenter Server contains an information disclosure vulnerability due to the logging of...
Moderate | Unreviewed | CVE-2022-31697 was published Dec 13, 2022

SanDisk Cruzer Enterprise USB flash drives use a fixed 256-bit key for obtaining access to the...
Moderate | Unreviewed | CVE-2010-0225 was published May 2, 2022

1Password for Mac 7.2.4 through 7.9.x before 7.9.3 is vulnerable to a process validation bypass....
Moderate | Unreviewed | CVE-2022-29868 was published May 10, 2022

In a certain atypical IBM Spectrum Protect 7.1 and 8.1 configurations, the node password could be...
Moderate | Unreviewed | CVE-2018-1882 was published May 13, 2022

Dell Wyse Management Suite 3.6.1 and below contains a Sensitive Data Exposure vulnerability. A...
Moderate | Unreviewed | CVE-2022-29090 was published Aug 11, 2022

The SSL layer of the HTTPS service in Siemens RuggedCom ROS before 4.2.0 and ROX II does not...
Moderate | Unreviewed | CVE-2015-5537 was published May 13, 2022

Medtronic CareLink 2090 Programmer CareLink 9790 Programmer 29901 Encore Programmer, all versions...
Moderate | Unreviewed | CVE-2018-18984 was published May 13, 2022

Unencrypted storage of client side sessions
Moderate | CVE-2021-29481 was published for io.ratpack:ratpack-session (Maven) Jul 1, 2021

Information Disclosure vulnerability in McAfee DXL Platform and TIE Server in DXL prior to 5.0.1...
Moderate | Unreviewed | CVE-2019-3612 was published May 13, 2022

Data Leakage Attacks vulnerability in the web portal component when in an MDR pair in McAfee...
Moderate | Unreviewed | CVE-2019-3606 was published May 13, 2022

Instance config inline secret exposure in Grafana
Moderate | CVE-2021-41090 was published for github.com/grafana/agent (Go) Dec 8, 2021

A pair of spare WiFi credentials is stored in the configuration file of the Zyxel AX7501-B0...
Moderate | Unreviewed | CVE-2022-45439 was published Jan 17, 2023

SAP Business One - version 10.0, allows an admin user to view DB password in plain text over the...
Moderate | Unreviewed | CVE-2021-42066 was published Dec 15, 2021

An exposed debugging endpoint in the browser in Google Chrome on Android prior to 72.0.3626.81...
Moderate | Unreviewed | CVE-2019-5765 was published May 13, 2022