GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,094
Erlang
29
GitHub Actions
19
Go
1,920
Maven
5,000+
npm
3,648
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
822
Swift
35
Unreviewed advisories
All unreviewed
5,000+
165 advisories
Filter by severity
Thunderbird unprotects a secret OpenPGP key prior to using it for a decryption, signing or key...
High
Unreviewed
CVE-2021-29950
was published
May 24, 2022
The DLink Router DIR-895L MFC v1.21b05 is vulnerable to credentials disclosure in telnet service...
High
Unreviewed
CVE-2020-29324
was published
May 24, 2022
An issue was discovered in Couchbase Server 5.x and 6.x through 6.6.1 and 7.0.0 Beta. Incorrect...
High
Unreviewed
CVE-2021-25644
was published
May 24, 2022
Cleartext storage of sensitive information in multiple versions of Octopus Server where in...
High
Unreviewed
CVE-2021-30183
was published
May 24, 2022
In multiple managed switches by WAGO in different versions the webserver cookies of the web based...
High
Unreviewed
CVE-2021-20995
was published
May 24, 2022
In Hardware Sentry KM before 10.0.01 for BMC PATROL, a cleartext password may be discovered after...
High
Unreviewed
CVE-2021-31791
was published
May 24, 2022
The /password.html page of the Web management interface of the Acexy Wireless-N WiFi Repeater REV...
High
Unreviewed
CVE-2021-28937
was published
May 24, 2022
The Debian courier-authlib package before 0.71.1-2 for Courier Authentication Library creates a ...
High
Unreviewed
CVE-2021-28374
was published
May 24, 2022
IBM Security Verify Information Queue 1.0.6 and 1.0.7 discloses sensitive information in source...
High
Unreviewed
CVE-2021-20407
was published
May 24, 2022
An issue was discovered on FiberHome HG6245D devices through RP2613. wifictl_2g.cfg has cleartext...
High
Unreviewed
CVE-2021-27175
was published
May 24, 2022
An issue was discovered on FiberHome HG6245D devices through RP2613. Some passwords are stored in...
High
Unreviewed
CVE-2021-27178
was published
May 24, 2022
An issue was discovered on FiberHome HG6245D devices through RP2613. wifictl_5g.cfg has cleartext...
High
Unreviewed
CVE-2021-27176
was published
May 24, 2022
An issue was discovered on FiberHome HG6245D devices through RP2613. wifi_custom.cfg has...
High
Unreviewed
CVE-2021-27174
was published
May 24, 2022
An issue was discovered on FiberHome HG6245D devices through RP2613. It is possible to find...
High
Unreviewed
CVE-2021-27140
was published
May 24, 2022
In moveInMediaStore of FileSystemProvider.java, there is a possible file exposure due to stale...
High
Unreviewed
CVE-2021-0337
was published
May 24, 2022
An issue was discovered on Geeni GNC-CW028 Camera 2.7.2, Geeni GNC-CW025 Doorbell 2.9.5, Merkury...
High
Unreviewed
CVE-2020-29001
was published
May 24, 2022
IBM Spectrum Protect Plus 10.1.0 through 10.1.6 may include sensitive information in its URLs...
High
Unreviewed
CVE-2020-5018
was published
May 24, 2022
In Marvell QConvergeConsole GUI <= 5.5.0.74, credentials are stored in cleartext in tomcat-users...
High
Unreviewed
CVE-2020-5805
was published
May 24, 2022
An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55....
High
Unreviewed
CVE-2020-24577
was published
May 24, 2022
A vulnerability has been reported to affect QNAP NAS. If exploited, this vulnerability allows an...
High
Unreviewed
CVE-2018-19941
was published
May 24, 2022
Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an...
High
Unreviewed
CVE-2020-29583
was published
May 24, 2022
An issue was discovered in URVE Build 24.03.2020. The password of an integration user account ...
High
Unreviewed
CVE-2020-29550
was published
May 24, 2022
An issue was discovered in Aviatrix Controller before R5.3.1151. Encrypted key values are stored...
High
Unreviewed
CVE-2020-26551
was published
May 24, 2022
The installation procedure in BigBlueButton before 2.2.28 (or earlier) uses ClueCon as the...
High
Unreviewed
CVE-2020-27613
was published
May 24, 2022
A cleartext storage of sensitive information in Nextcloud Desktop Client 2.6.4 gave away...
High
Unreviewed
CVE-2020-8225
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API