Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

208 advisories

Loading
IBM Workload Automation 9.5 stores the server path in URLs that could aid in further attacks... Moderate Unreviewed
CVE-2020-4674 was published May 24, 2022
IBM Workload Automation 9.5 stores sensitive information in HTML comments that could aid in... Moderate Unreviewed
CVE-2020-4673 was published May 24, 2022
In manage_proj_edit_page.php in MantisBT before 2.24.4, any unprivileged logged-in user can... Moderate Unreviewed
CVE-2020-29603 was published May 24, 2022
In JetBrains TeamCity before 2020.2, an ECR token could be exposed in a build's parameters. High Unreviewed
CVE-2021-25776 was published May 24, 2022
In SolarWinds Serv-U before 15.2.2 Hotfix 1, there is a directory containing user profile files ... High Unreviewed
CVE-2021-25276 was published May 24, 2022
An issue was discovered on FiberHome HG6245D devices through RP2613. By default, there are no... Critical Unreviewed
CVE-2021-27170 was published May 24, 2022
The IBM Application Performance Monitoring UI (IBM Cloud APM 8.1.4) allows web pages to be stored... Low Unreviewed
CVE-2020-4726 was published May 24, 2022
The iOS and macOS apps before 1.4.1 for the Western Digital G-Technology ArmorLock NVMe SSD store... Moderate Unreviewed
CVE-2021-28653 was published May 24, 2022
IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 allows web pages to be stored locally... Low Unreviewed
CVE-2021-20391 was published May 24, 2022
IBM Cloud Pak for Multicloud Management prior to 2.3 allows web pages to be stored locally which... Low Unreviewed
CVE-2020-4765 was published May 24, 2022
Incorrect Access Control in Nagios Fusion 4.1.8 and earlier allows low-privileged authenticated... Moderate Unreviewed
CVE-2020-28911 was published May 24, 2022
IBM Security Verify Access 20.07 allows web pages to be stored locally which can be read by... Low Unreviewed
CVE-2021-20575 was published May 24, 2022
IBM DataPower Gateway 10.0.0.0 through 10.0.1.0 and 2018.4.1.0 through 2018.4.1.14 stores... Moderate Unreviewed
CVE-2020-5008 was published May 24, 2022
Information Exposure vulnerability in SmartThings prior to version 1.7.64.21 allows attacker to... Low Unreviewed
CVE-2021-25404 was published May 24, 2022
Information Exposure vulnerability in Samsung Notes prior to version 4.2.04.27 allows attacker to... Low Unreviewed
CVE-2021-25402 was published May 24, 2022
IBM QRadar Analyst Workflow App 1.0 through 1.18.0 for IBM QRadar SIEM allows web pages to be... Low Unreviewed
CVE-2021-20396 was published May 24, 2022
Citrix Cloud Connector before 6.31.0.62192 suffers from insecure storage of sensitive information... High Unreviewed
CVE-2021-22914 was published May 24, 2022
Insecure storage of sensitive information has been reported to affect QNAP NAS running... Moderate Unreviewed
CVE-2021-28815 was published May 24, 2022
An issue was discovered in the CentralAuth extension in MediaWiki through 1.36. The Special... Moderate Unreviewed
CVE-2021-36127 was published May 24, 2022
An information disclosure vulnerability exists in the Syslog functionality of D-LINK DIR-3040 1... Moderate Unreviewed
CVE-2021-21816 was published May 24, 2022
In cPanel before 96.0.8, weak permissions on web stats can lead to information disclosure (SEC-584). Moderate Unreviewed
CVE-2021-38590 was published May 24, 2022
In multiple functions of libl3oemcrypto.cpp, there is a possible weakness in the existing... Moderate Unreviewed
CVE-2021-0639 was published May 24, 2022
Certain NetModule devices have Insecure Password Handling (cleartext or reversible encryption),... High Unreviewed
CVE-2021-39289 was published May 24, 2022
A vulnerability involving insecure storage of sensitive information has been reported to affect... High Unreviewed
CVE-2021-28813 was published May 24, 2022
IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the... Low Unreviewed
CVE-2020-4809 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database