Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,084
Maven
5,000+
npm
3,747
NuGet
674
pip
3,435
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

240 advisories

Loading
IBM Security Directory Server 6.4.0 discloses sensitive information to unauthorized users. The... Moderate Unreviewed
CVE-2019-4549 was published May 24, 2022
Sensitive Data Exposure Due To Insecure Storage Of Profile Image in GitHub repository polonel... Moderate Unreviewed
CVE-2022-1044 was published May 13, 2022
Insecure password handling vulnerability in Strapi High
CVE-2021-46440 was published for @strapi/strapi (npm) May 4, 2022
ezplatform-graphql GraphQL queries can expose password hashes High
CVE-2022-41876 was published for ezsystems/ezplatform-graphql (Composer) Nov 10, 2022
tranca
For ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6... High Unreviewed
CVE-2020-8481 was published May 24, 2022
lpar2rrd is a hardcoded system account in XoruX LPAR2RRD and STOR2RRD before 7.30. Critical Unreviewed
CVE-2021-42371 was published May 24, 2022
IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the... Low Unreviewed
CVE-2020-4805 was published May 24, 2022
IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the... Low Unreviewed
CVE-2020-4803 was published May 24, 2022
IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the... Low Unreviewed
CVE-2020-4809 was published May 24, 2022
A vulnerability involving insecure storage of sensitive information has been reported to affect... High Unreviewed
CVE-2021-28813 was published May 24, 2022
In multiple functions of libl3oemcrypto.cpp, there is a possible weakness in the existing... Moderate Unreviewed
CVE-2021-0639 was published May 24, 2022
In cPanel before 96.0.8, weak permissions on web stats can lead to information disclosure (SEC-584). Moderate Unreviewed
CVE-2021-38590 was published May 24, 2022
An issue was discovered in the CentralAuth extension in MediaWiki through 1.36. The Special... Moderate Unreviewed
CVE-2021-36127 was published May 24, 2022
An insecure data storage vulnerability allows a physical attacker with root privileges to... Low Unreviewed
CVE-2021-25266 was published Apr 28, 2022
Information Exposure vulnerability in SmartThings prior to version 1.7.64.21 allows attacker to... Low Unreviewed
CVE-2021-25404 was published May 24, 2022
IBM QRadar Analyst Workflow App 1.0 through 1.18.0 for IBM QRadar SIEM allows web pages to be... Low Unreviewed
CVE-2021-20396 was published May 24, 2022
IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 allows web pages to be stored locally... Low Unreviewed
CVE-2021-20391 was published May 24, 2022
Citrix Cloud Connector before 6.31.0.62192 suffers from insecure storage of sensitive information... High Unreviewed
CVE-2021-22914 was published May 24, 2022
Information Exposure vulnerability in Samsung Notes prior to version 4.2.04.27 allows attacker to... Low Unreviewed
CVE-2021-25402 was published May 24, 2022
IBM Security Verify Access 20.07 allows web pages to be stored locally which can be read by... Low Unreviewed
CVE-2021-20575 was published May 24, 2022
IBM Cloud Pak for Multicloud Management prior to 2.3 allows web pages to be stored locally which... Low Unreviewed
CVE-2020-4765 was published May 24, 2022
Insecure storage of sensitive information has been reported to affect QNAP NAS running... Moderate Unreviewed
CVE-2021-28815 was published May 24, 2022
IBM DataPower Gateway 10.0.0.0 through 10.0.1.0 and 2018.4.1.0 through 2018.4.1.14 stores... Moderate Unreviewed
CVE-2020-5008 was published May 24, 2022
Incorrect Access Control in Nagios Fusion 4.1.8 and earlier allows low-privileged authenticated... Moderate Unreviewed
CVE-2020-28911 was published May 24, 2022
In manage_proj_edit_page.php in MantisBT before 2.24.4, any unprivileged logged-in user can... Moderate Unreviewed
CVE-2020-29603 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database