Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,233
Erlang
31
GitHub Actions
20
Go
1,992
Maven
5,000+
npm
3,709
NuGet
661
pip
3,346
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+

527 advisories

Loading
OpenPGP secret keys that were imported using Thunderbird version 78.8.1 up to version 78.10.1... Moderate Unreviewed
CVE-2021-29956 was published May 24, 2022
Thunderbird unprotects a secret OpenPGP key prior to using it for a decryption, signing or key... High Unreviewed
CVE-2021-29950 was published May 24, 2022
In the xrdp package (in branches through 3.14) for Alpine Linux, RDP sessions are vulnerable to... Moderate Unreviewed
CVE-2021-36158 was published May 24, 2022
When configuring Octopus Server if it is configured with an external SQL database, on initial... High Unreviewed
CVE-2021-31817 was published May 24, 2022
When configuring Octopus Server if it is configured with an external SQL database, on initial... High Unreviewed
CVE-2021-31816 was published May 24, 2022
IBM Security Verify Access Docker 10.0.0 stores user credentials in plain clear text which can be... Moderate Unreviewed
CVE-2021-20510 was published May 24, 2022
The MagicMotion Flamingo 2 application for Android stores data on an sdcard under com.vt... High Unreviewed
CVE-2020-12731 was published May 24, 2022
An issue was discovered in Xuperchain 3.6.0 that allows for attackers to recover any arbitrary... High Unreviewed
CVE-2020-22741 was published May 24, 2022
The restricted shell provided by Akkadian Provisioning Manager Engine (PME) can be escaped by... Moderate Unreviewed
CVE-2021-31581 was published May 24, 2022
The Portal Workflow module in Liferay Portal 7.3.2 and earlier, and Liferay DXP 7.0 before fix... Moderate Unreviewed
CVE-2021-33325 was published May 24, 2022
The Dynamic Data Mapping module in Liferay Portal 7.1.0 through 7.3.2, and Liferay DXP 7.1 before... High Unreviewed
CVE-2021-33323 was published May 24, 2022
In JetBrains TeamCity before 2021.1, passwords in cleartext sometimes could be stored in VCS. High Unreviewed
CVE-2021-37548 was published May 24, 2022
An information disclosure vulnerability exists in the EPA protocol of Dut Computer Control... High Unreviewed
CVE-2020-18759 was published May 24, 2022
UCWeb UC 12.12.3.1219 through 12.12.3.1226 uses cleartext HTTP, and thus man-in-the-middle... Moderate Unreviewed
CVE-2020-36473 was published May 24, 2022
In Octopus Server after version 2018.8.2 if the Octopus Server Web Request Proxy is configured... High Unreviewed
CVE-2021-31820 was published May 24, 2022
A user with permission to log on to the machine hosting the AXIS Device Manager client could... Moderate Unreviewed
CVE-2021-31989 was published May 24, 2022
An issue was discovered in PrimeKey EJBCA before 7.6.0. When audit logging changes to the alias... Moderate Unreviewed
CVE-2021-40087 was published May 24, 2022
Generated Support Bundles contains private S/MIME and PGP keys if containing folder is not hidden... Moderate Unreviewed
CVE-2021-36096 was published May 24, 2022
Incorrect Access Control in Autumn v1.0.4 and earlier allows remote attackers to obtain clear... High Unreviewed
CVE-2020-19137 was published May 24, 2022
An issue obscuring passwords in screenshots was addressed with improved logic. This issue is... Moderate Unreviewed
CVE-2021-1865 was published May 24, 2022
A vulnerability has been identified in SIMATIC CP 1543-1 (incl. SIPLUS variants) (All versions <... Moderate Unreviewed
CVE-2021-33716 was published May 24, 2022
IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI displays user... Moderate Unreviewed
CVE-2021-29904 was published May 24, 2022
RICON Industrial Cellular Router S9922L 16.10.3(3794) is affected by cleartext storage of... Moderate Unreviewed
CVE-2021-36165 was published May 24, 2022
IBM Data Risk Manager 2.0.6 stores user credentials in plain clear text which can be read by an... Moderate Unreviewed
CVE-2021-38915 was published May 24, 2022
Rich Text Edit Control Information Disclosure Vulnerability Moderate Unreviewed
CVE-2021-40454 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database