Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

290 advisories

Loading
IBM UrbanCode Deploy (UCD) 6.2.7.9, 7.0.5.4, and 7.1.1.1 stores user credentials in plain in... Moderate Unreviewed
CVE-2020-4884 was published May 24, 2022
In all versions of GitLab starting from 13.7, marshalled session keys were being stored in Redis. Moderate Unreviewed
CVE-2021-22194 was published May 24, 2022
SaltStack Salt Cleartext Storage of Sensitive Information via cmdmod Moderate
CVE-2021-25284 was published for salt (pip) May 24, 2022
** UNSUPPORTED WHEN ASSIGNED ** In Directus 8.x through 8.8.1, an attacker can learn sensitive... Moderate Unreviewed
CVE-2021-26595 was published May 24, 2022
** DISPUTED ** Genymotion Desktop through 3.2.0 leaks the host's clipboard data to the Android... Moderate Unreviewed
CVE-2021-27549 was published May 24, 2022
The ownCloud application before 2.15 for Android allows attackers to use adb to include a PIN... Moderate Unreviewed
CVE-2020-36248 was published May 24, 2022
Debug message containing addresses of memory transactions in some Intel(R) 10th Generation Core... Moderate Unreviewed
CVE-2020-24491 was published May 24, 2022
An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. On the admin portal of the web... Moderate Unreviewed
CVE-2021-27233 was published May 24, 2022
TP-Link Archer C5v 1.7_181221 devices allows remote attackers to retrieve cleartext credentials... Moderate Unreviewed
CVE-2021-27210 was published May 24, 2022
Telegram before 7.4 (212543) Stable on macOS stores the local copy of self-destructed messages in... Moderate Unreviewed
CVE-2021-27205 was published May 24, 2022
Telegram before 7.4 (212543) Stable on macOS stores the local passcode in cleartext, leading to... Moderate Unreviewed
CVE-2021-27204 was published May 24, 2022
IBM Security Verify Information Queue 1.0.6 and 1.0.7 could disclose highly sensitive information... Moderate Unreviewed
CVE-2021-20408 was published May 24, 2022
IBM Security Verify Information Queue 1.0.6 and 1.0.7 sends user credentials in plain clear text... Moderate Unreviewed
CVE-2021-20410 was published May 24, 2022
Clear text storage of sensitive Information in memory vulnerability in McAfee Endpoint Security ... Moderate Unreviewed
CVE-2021-23878 was published May 24, 2022
An issue was discovered in SmartFoxServer 2.17.0. Cleartext password disclosure can occur via ... Moderate Unreviewed
CVE-2021-26550 was published May 24, 2022
IBM Cloud Pak for Automation 20.0.3, 20.0.2-IF002 stores potentially sensitive information in... Moderate Unreviewed
CVE-2021-20358 was published May 24, 2022
There is an information leak vulnerability in eCNS280_TD versions V100R005C00 and V100R005C10. A... Moderate Unreviewed
CVE-2021-22300 was published May 24, 2022
IBM Security Guardium 11.2 discloses sensitive information in the response headers that could be... Moderate Unreviewed
CVE-2020-4189 was published May 24, 2022
A vulnerability in the configuration archive functionality of Cisco DNA Center could allow any... Moderate Unreviewed
CVE-2021-1265 was published May 24, 2022
IBM Security Guardium Insights 2.0.2 stores user credentials in plain in clear text which can be... Moderate Unreviewed
CVE-2020-4604 was published May 24, 2022
IBM Security Guardium Data Encryption (GDE) 3.0.0.2 stores sensitive information in URL... Moderate Unreviewed
CVE-2019-4687 was published May 24, 2022
A flaw was found in ceph in versions prior to 16.y.z where ceph stores mgr module passwords in... Moderate Unreviewed
CVE-2020-25678 was published May 24, 2022
Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage... Moderate Unreviewed
CVE-2020-29502 was published May 24, 2022
Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage... Moderate Unreviewed
CVE-2020-29501 was published May 24, 2022
Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage... Moderate Unreviewed
CVE-2020-29500 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database