GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
290 advisories
Filter by severity
In the xrdp package (in branches through 3.14) for Alpine Linux, RDP sessions are vulnerable to...
Moderate
Unreviewed
CVE-2021-36158
was published
May 24, 2022
OpenPGP secret keys that were imported using Thunderbird version 78.8.1 up to version 78.10.1...
Moderate
Unreviewed
CVE-2021-29956
was published
May 24, 2022
TP-Link's TL-WPA4220 4.0.2 Build 20180308 Rel.37064 does not use SSL by default. Attacker on the...
Moderate
Unreviewed
CVE-2021-28858
was published
May 24, 2022
SafeNet KeySecure Management Console 8.12.0 is vulnerable to HTTP response splitting attacks. A...
Moderate
Unreviewed
CVE-2021-28979
was published
May 24, 2022
ZOLL Defibrillator Dashboard, v prior to 2.2, The affected products contain credentials stored in...
Moderate
Unreviewed
CVE-2021-27487
was published
May 24, 2022
Cleartext Storage of Sensitive Information in Memory vulnerability in Gallagher Command Centre...
Moderate
Unreviewed
CVE-2021-23211
was published
May 24, 2022
Cleartext Storage of Sensitive Information in Memory vulnerability in Gallagher Command Centre...
Moderate
Unreviewed
CVE-2021-23182
was published
May 24, 2022
Brocade SANNav before version 2.1.1 contains an information disclosure vulnerability. Successful...
Moderate
Unreviewed
CVE-2020-15384
was published
May 24, 2022
The vulnerability could expose cleartext credentials from AVEVA InTouch Runtime 2020 R2 and all...
Moderate
Unreviewed
CVE-2021-32942
was published
May 24, 2022
KDE Messagelib through 5.17.0 reveals cleartext of encrypted messages in some situations....
Moderate
Unreviewed
CVE-2021-31855
was published
May 24, 2022
Some PON MDU devices of ZTE stored sensitive information in plaintext, and users with login...
Moderate
Unreviewed
CVE-2021-21734
was published
May 24, 2022
In Versa Director, the unencrypted backup files stored on the Versa deployment contain...
Moderate
Unreviewed
CVE-2018-16498
was published
May 24, 2022
IBM Security Identity Manager 7.0.2 stores user credentials in plain clear text which can be read...
Moderate
Unreviewed
CVE-2021-29683
was published
May 24, 2022
An issue was discovered in Couchbase Server before 6.0.5, 6.1.x through 6.5.x before 6.5.2, and 6...
Moderate
Unreviewed
CVE-2021-25645
was published
May 24, 2022
An issue has been discovered in GitLab affecting all versions starting from 11.6. Pull mirror...
Moderate
Unreviewed
CVE-2021-22206
was published
May 24, 2022
Dell EMC Unity, UnityVSA, and Unity XT versions prior to 5.0.7.0.5.008 contain a plain-text...
Moderate
Unreviewed
CVE-2021-21547
was published
May 24, 2022
Etherpad <1.8.3 stored passwords used by users insecurely in the database and in log files. This...
Moderate
Unreviewed
CVE-2020-22783
was published
May 24, 2022
Wowza Streaming Engine through 4.8.5 (in a default installation) has cleartext passwords stored...
Moderate
Unreviewed
CVE-2021-31539
was published
May 24, 2022
An internal product security audit of Lenovo XClarity Controller (XCC) discovered that the XCC...
Moderate
Unreviewed
CVE-2021-3473
was published
May 24, 2022
Cleartext Storage in a File or on Disk in TimelyBills <= 1.7.0 for iOS and versions <= 1.21.115...
Moderate
Unreviewed
CVE-2021-26833
was published
May 24, 2022
Sensitive smart card data is logged in default INFO logs by Teradici's PCoIP Connection Manager...
Moderate
Unreviewed
CVE-2021-25692
was published
May 24, 2022
An issue was discovered in WiZ Colors A60 1.14.0. Wi-Fi credentials are stored in cleartext in...
Moderate
Unreviewed
CVE-2020-11924
was published
May 24, 2022
An issue was discovered in WiZ Colors A60 1.14.0. API credentials are locally logged.
Moderate
Unreviewed
CVE-2020-11923
was published
May 24, 2022
A security vulnerability in HPE Unified Data Management (UDM) could allow the local disclosure of...
Moderate
Unreviewed
CVE-2021-26579
was published
May 24, 2022
IBM UrbanCode Deploy (UCD) 7.0.3.0, 7.0.4.0, 7.0.5.3, 7.0.5.4, 7.1.0.0, 7.1.1.0, 7.1.1.1, and 7.1...
Moderate
Unreviewed
CVE-2020-4944
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API