GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,117
Composer 4,330
Erlang 31
GitHub Actions 21
Go 2,091
Maven 5,253
npm 3,756
NuGet 678
pip 3,443
Pub 12
RubyGems 892
Rust 882
Swift 37

Unreviewed advisories

All unreviewed 242,059

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

312 advisories

Filter by severity

Sort by

Least recently updated

IBM Security Guardium Big Data Intelligence (SonarG) 4.0 stores sensitive information in... Moderate Unreviewed

CVE-2019-4314 was published May 24, 2022

Jenkins NeuVector Vulnerability Scanner Plugin stored credentials in plain text Moderate

CVE-2019-10430 was published for io.jenkins.plugins:neuvector-vulnerability-scanner (Maven) May 24, 2022

IBM MQ 7.5, 8.0, 9.0 LTS, 9.1 CD, and 9.1 LTS stores user credentials in plain clear text which... Moderate Unreviewed

CVE-2021-38949 was published May 24, 2022

A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.12). The... Moderate Unreviewed

CVE-2020-10053 was published May 24, 2022

A vulnerability of storing sensitive information insecurely in Property Settings prior to SMR Nov... Moderate Unreviewed

CVE-2021-25502 was published May 24, 2022

A cleartext storage of sensitive information in GUI in FortiADC versions 5.4.3 and below, 6.0.0... Moderate Unreviewed

CVE-2020-15935 was published May 24, 2022

A unprotected storage of credentials in Fortinet FortiSIEM Windows Agent version 4.1.4 and below... Moderate Unreviewed

CVE-2021-41023 was published May 24, 2022

IBM Jazz Team Server products stores user credentials in clear text which can be read by an... Moderate Unreviewed

CVE-2021-29786 was published May 24, 2022

IBM Security Risk Manager on CP4S 1.7.0.0 stores user credentials in plain clear text which can... Moderate Unreviewed

CVE-2021-38911 was published May 24, 2022

Rich Text Edit Control Information Disclosure Vulnerability Moderate Unreviewed

CVE-2021-40454 was published May 24, 2022

IBM Data Risk Manager 2.0.6 stores user credentials in plain clear text which can be read by an... Moderate Unreviewed

CVE-2021-38915 was published May 24, 2022

RICON Industrial Cellular Router S9922L 16.10.3(3794) is affected by cleartext storage of... Moderate Unreviewed

CVE-2021-36165 was published May 24, 2022

IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI displays user... Moderate Unreviewed

CVE-2021-29904 was published May 24, 2022

A vulnerability has been identified in SIMATIC CP 1543-1 (incl. SIPLUS variants) (All versions <... Moderate Unreviewed

CVE-2021-33716 was published May 24, 2022

When an attacker manages to get access to the local memory, or the memory dump of a victim, for... Moderate Unreviewed

CVE-2021-38150 was published May 24, 2022

An issue obscuring passwords in screenshots was addressed with improved logic. This issue is... Moderate Unreviewed

CVE-2021-1865 was published May 24, 2022

Generated Support Bundles contains private S/MIME and PGP keys if containing folder is not hidden... Moderate Unreviewed

CVE-2021-36096 was published May 24, 2022

An issue was discovered in PrimeKey EJBCA before 7.6.0. When audit logging changes to the alias... Moderate Unreviewed

CVE-2021-40087 was published May 24, 2022

A user with permission to log on to the machine hosting the AXIS Device Manager client could... Moderate Unreviewed

CVE-2021-31989 was published May 24, 2022

UCWeb UC 12.12.3.1219 through 12.12.3.1226 uses cleartext HTTP, and thus man-in-the-middle... Moderate Unreviewed

CVE-2020-36473 was published May 24, 2022

The Portal Workflow module in Liferay Portal 7.3.2 and earlier, and Liferay DXP 7.0 before fix... Moderate Unreviewed

CVE-2021-33325 was published May 24, 2022

The restricted shell provided by Akkadian Provisioning Manager Engine (PME) can be escaped by... Moderate Unreviewed

CVE-2021-31581 was published May 24, 2022

IBM Security Verify Access Docker 10.0.0 stores user credentials in plain clear text which can be... Moderate Unreviewed

CVE-2021-20510 was published May 24, 2022

In the xrdp package (in branches through 3.14) for Alpine Linux, RDP sessions are vulnerable to... Moderate Unreviewed

CVE-2021-36158 was published May 24, 2022

OpenPGP secret keys that were imported using Thunderbird version 78.8.1 up to version 78.10.1... Moderate Unreviewed

CVE-2021-29956 was published May 24, 2022

Previous 1 2 … 5 6 7 8 9 … 12 13 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

312 advisories