GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
516 advisories
Filter by severity
Moxa ioLogik 2542-HSPA Series Controllers and IOs, and IOxpress Configuration Utility ioLogik...
Moderate
Unreviewed
CVE-2019-18238
was published
May 24, 2022
If a user saved passwords before Thunderbird 60 and then later set a master password, an...
Moderate
Unreviewed
CVE-2020-6794
was published
May 24, 2022
A command injection vulnerability in the web interface of the Zyxel NWA-1100-NH firmware could...
Moderate
Unreviewed
CVE-2021-35036
was published
Mar 2, 2022
In JetBrains PyCharm 2019.2.5 and 2019.3 on Windows, Apple Notarization Service credentials were...
Moderate
Unreviewed
CVE-2020-11694
was published
May 24, 2022
In Rukovoditel 2.5.2, users' passwords and usernames are stored in a cookie with URL encoding,...
Moderate
Unreviewed
CVE-2020-11821
was published
May 24, 2022
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS...
High
Unreviewed
CVE-2021-40363
was published
Feb 10, 2022
A cleartext storage in a file or on disk (CWE-313) vulnerability in FortiOS SSL VPN 6.2.2 and...
Moderate
Unreviewed
CVE-2019-17655
was published
May 24, 2022
An issue was discovered in the stashcat app through 3.9.2 for macOS, Windows, Android, iOS, and...
Moderate
Unreviewed
CVE-2020-13637
was published
May 24, 2022
BIOTRONIK CardioMessenger II, The affected products do not encrypt sensitive information while at...
Low
Unreviewed
CVE-2019-18254
was published
May 24, 2022
Baxter ExactaMix EM 2400 Versions 1.10, 1.11 and ExactaMix EM1200 Versions 1.1, 1.2 systems store...
Moderate
Unreviewed
CVE-2020-12032
was published
May 24, 2022
A CWE-316: Cleartext Storage of Sensitive Information in Memory vulnerability exists in Easergy...
Low
Unreviewed
CVE-2020-7516
was published
May 24, 2022
An issue was discovered on Nescomed Multipara Monitor M1000 devices. The onboard Flash memory...
Low
Unreviewed
CVE-2020-15485
was published
May 24, 2022
The installation procedure in BigBlueButton before 2.2.28 (or earlier) uses ClueCon as the...
High
Unreviewed
CVE-2020-27613
was published
May 24, 2022
An issue was discovered in the view_statistics (aka View frontend statistics) extension before 2...
Moderate
Unreviewed
CVE-2020-28917
was published
May 24, 2022
The implementation of Brave Desktop's privacy-preserving analytics system (P3A) between 1.1 and 1...
Moderate
Unreviewed
CVE-2020-8276
was published
May 24, 2022
An issue was discovered in Aviatrix Controller before R5.3.1151. Encrypted key values are stored...
High
Unreviewed
CVE-2020-26551
was published
May 24, 2022
Unprotected Storage of Credentials vulnerability in BASETech GE-131 BT-1837836 firmware 20180921...
Moderate
Unreviewed
CVE-2020-27557
was published
May 24, 2022
Ceph-ansible 4.0.34.1 creates /etc/ceph/iscsi-gateway.conf with insecure default permissions,...
Moderate
Unreviewed
CVE-2020-25677
was published
May 24, 2022
GigaVUE-OS (GVOS) 5.4 - 5.9 stores a Redis database password in plaintext.
Moderate
Unreviewed
CVE-2020-23249
was published
May 24, 2022
Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage...
Moderate
Unreviewed
CVE-2020-29502
was published
May 24, 2022
Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.0.4.0.5.012 contains a plain-text...
Moderate
Unreviewed
CVE-2020-29489
was published
May 24, 2022
IBM Security Guardium Data Encryption (GDE) 3.0.0.2 stores sensitive information in URL...
Moderate
Unreviewed
CVE-2019-4687
was published
May 24, 2022
IBM Security Secret Server 10.6 stores potentially sensitive information in config files that...
Moderate
Unreviewed
CVE-2020-4843
was published
May 24, 2022
NCH Express Accounts 8.24 and earlier allows local users to discover the cleartext password by...
Moderate
Unreviewed
CVE-2020-13473
was published
May 24, 2022
There is an information leak vulnerability in eCNS280_TD versions V100R005C00 and V100R005C10. A...
Moderate
Unreviewed
CVE-2021-22300
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API