GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
208 advisories
Filter by severity
Remote code execution in Apache Tapestry
Critical
CVE-2021-27850
was published
for
org.apache.tapestry:tapestry-core
(Maven)
Jun 16, 2021
Sensitive Data Exposure in miniorange_saml
High
CVE-2021-36786
was published
for
miniorange/miniorange-saml
(Composer)
Sep 1, 2021
Improper use of cryptographic key in wal-g
High
CVE-2021-38599
was published
for
github.com/wal-g/wal-g
(Go)
Sep 2, 2021
Insecure storage of device information in Contacts prior to version 12.7.05.24 allows attacker to...
Low
Unreviewed
CVE-2021-25524
was published
Dec 9, 2021
Insecure storage of sensitive information vulnerability in Smart Capture prior to version 4.8.02...
Low
Unreviewed
CVE-2021-25522
was published
Dec 9, 2021
Insecure storage of device information in Samsung Dialer prior to version 12.7.05.24 allows...
Low
Unreviewed
CVE-2021-25523
was published
Dec 9, 2021
The SyncThru Web Service on Samsung SCX-6x55X printers allows an attacker to gain access to a...
High
Unreviewed
CVE-2021-42913
was published
Dec 21, 2021
An issue existed in the storage of sensitive tokens. This issue was addressed by placing the...
Moderate
Unreviewed
CVE-2017-13909
was published
Dec 24, 2021
A insecure storage of sensitive information vulnerability exists in Ivanti Workspace Control ...
Moderate
Unreviewed
CVE-2022-21823
was published
Jan 11, 2022
Authentication bypass in Apache Kylin
Moderate
CVE-2020-13937
was published
for
org.apache.kylin:kylin
(Maven)
Feb 10, 2022
Insecure Storage of Sensitive Information in Microweber
High
CVE-2022-0724
was published
for
microweber/microweber
(Composer)
Feb 24, 2022
In JetBrains TeamCity before 2021.2.3, environment variables of the "password" type could be...
High
Unreviewed
CVE-2022-25264
was published
Feb 26, 2022
Insecure Storage of Sensitive Information in GitHub repository chocobozzz/peertube prior to 4.1.1.
Moderate
Unreviewed
CVE-2022-0881
was published
Mar 10, 2022
Spoofing attack in swagger-ui
Moderate
CVE-2018-25031
was published
for
swagger-ui
(npm)
Mar 12, 2022
Philips Gemini PET/CT family software stores sensitive information in a removable media device...
Low
Unreviewed
CVE-2021-27456
was published
Mar 24, 2022
Insecure storage of sensitive information vulnerability in MA for Linux, macOS, and Windows prior...
Moderate
Unreviewed
CVE-2022-1257
was published
Apr 15, 2022
An insecure data storage vulnerability allows a physical attacker with root privileges to...
Low
Unreviewed
CVE-2021-25266
was published
Apr 28, 2022
Insecure password handling vulnerability in Strapi
High
CVE-2021-46440
was published
for
@strapi/strapi
(npm)
May 4, 2022
Sensitive Data Exposure Due To Insecure Storage Of Profile Image in GitHub repository polonel...
Moderate
Unreviewed
CVE-2022-1044
was published
May 13, 2022
An information disclosure vulnerability in File-Based Encryption could enable a local malicious...
Moderate
Unreviewed
CVE-2017-0493
was published
May 13, 2022
SanDisk Secure Access 3.01 vault decrypts and copies encrypted files to a temporary folder, where...
Moderate
Unreviewed
CVE-2017-16560
was published
May 13, 2022
USB Pratirodh is prone to sensitive information disclosure. It stores sensitive information such...
Moderate
Unreviewed
CVE-2017-6911
was published
May 13, 2022
Dahua IP Camera devices 3.200.0001.6 can be exploited via these steps: 1. Use the default low...
High
Unreviewed
CVE-2017-7253
was published
May 13, 2022
SUSE Manager until version 4.0.7 and Uyuni until commit 1b426ad5ed0a7191a6fb46bb83e98ae4b99a5ade...
Moderate
Unreviewed
CVE-2019-3684
was published
May 24, 2022
The iOS mobile application BlueCats Reveal before 5.14 stores the username and password in the...
High
Unreviewed
CVE-2019-5627
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API