GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,094
Erlang
29
GitHub Actions
19
Go
1,920
Maven
5,000+
npm
3,648
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
822
Swift
35
Unreviewed advisories
All unreviewed
5,000+
508 advisories
Filter by severity
Ceph-ansible 4.0.34.1 creates /etc/ceph/iscsi-gateway.conf with insecure default permissions,...
Moderate
Unreviewed
CVE-2020-25677
was published
May 24, 2022
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 and 6.0.0.0 through 6.0.3.1...
Moderate
Unreviewed
CVE-2019-4738
was published
May 24, 2022
Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an...
High
Unreviewed
CVE-2020-29583
was published
May 24, 2022
An issue was discovered in URVE Build 24.03.2020. The password of an integration user account ...
High
Unreviewed
CVE-2020-29550
was published
May 24, 2022
IBM Security Secret Server 10.6 stores potentially sensitive information in config files that...
Moderate
Unreviewed
CVE-2020-4843
was published
May 24, 2022
NCH Express Accounts 8.24 and earlier allows local users to discover the cleartext password by...
Moderate
Unreviewed
CVE-2020-13473
was published
May 24, 2022
A vulnerability has been reported to affect QNAP NAS. If exploited, this vulnerability allows an...
High
Unreviewed
CVE-2018-19941
was published
May 24, 2022
GigaVUE-OS (GVOS) 5.4 - 5.9 stores a Redis database password in plaintext.
Moderate
Unreviewed
CVE-2020-23249
was published
May 24, 2022
Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.0.4.0.5.012 contains a plain-text...
Moderate
Unreviewed
CVE-2020-29489
was published
May 24, 2022
Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage...
Moderate
Unreviewed
CVE-2020-29500
was published
May 24, 2022
Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage...
Moderate
Unreviewed
CVE-2020-29502
was published
May 24, 2022
Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage...
Moderate
Unreviewed
CVE-2020-29501
was published
May 24, 2022
An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55....
High
Unreviewed
CVE-2020-24577
was published
May 24, 2022
A flaw was found in ceph in versions prior to 16.y.z where ceph stores mgr module passwords in...
Moderate
Unreviewed
CVE-2020-25678
was published
May 24, 2022
IBM Spectrum Protect Plus 10.1.0 through 10.1.6 may include sensitive information in its URLs...
High
Unreviewed
CVE-2020-5018
was published
May 24, 2022
In Marvell QConvergeConsole GUI <= 5.5.0.74, credentials are stored in cleartext in tomcat-users...
High
Unreviewed
CVE-2020-5805
was published
May 24, 2022
IBM Security Guardium Data Encryption (GDE) 3.0.0.2 stores sensitive information in URL...
Moderate
Unreviewed
CVE-2019-4687
was published
May 24, 2022
IBM Security Guardium Insights 2.0.2 stores user credentials in plain in clear text which can be...
Moderate
Unreviewed
CVE-2020-4604
was published
May 24, 2022
A vulnerability in the configuration archive functionality of Cisco DNA Center could allow any...
Moderate
Unreviewed
CVE-2021-1265
was published
May 24, 2022
An issue was discovered on Geeni GNC-CW028 Camera 2.7.2, Geeni GNC-CW025 Doorbell 2.9.5, Merkury...
High
Unreviewed
CVE-2020-29001
was published
May 24, 2022
IBM Security Guardium 11.2 discloses sensitive information in the response headers that could be...
Moderate
Unreviewed
CVE-2020-4189
was published
May 24, 2022
There is an information leak vulnerability in eCNS280_TD versions V100R005C00 and V100R005C10. A...
Moderate
Unreviewed
CVE-2021-22300
was published
May 24, 2022
IBM Cloud Pak for Automation 20.0.3, 20.0.2-IF002 stores potentially sensitive information in...
Moderate
Unreviewed
CVE-2021-20358
was published
May 24, 2022
An issue was discovered in SmartFoxServer 2.17.0. Cleartext password disclosure can occur via ...
Moderate
Unreviewed
CVE-2021-26550
was published
May 24, 2022
In moveInMediaStore of FileSystemProvider.java, there is a possible file exposure due to stale...
High
Unreviewed
CVE-2021-0337
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API