GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,835
Composer 4,870
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,926
npm 4,126
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,021
Swift 39

Unreviewed advisories

All unreviewed 269,195

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

640 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Generated Support Bundles contains private S/MIME and PGP keys if containing folder is not hidden... Moderate Unreviewed

CVE-2021-36096 was published May 24, 2022

Incorrect Access Control in Autumn v1.0.4 and earlier allows remote attackers to obtain clear... High Unreviewed

CVE-2020-19137 was published May 24, 2022

An issue obscuring passwords in screenshots was addressed with improved logic. This issue is... Moderate Unreviewed

CVE-2021-1865 was published May 24, 2022

When an attacker manages to get access to the local memory, or the memory dump of a victim, for... Moderate Unreviewed

CVE-2021-38150 was published May 24, 2022

A vulnerability has been identified in SIMATIC CP 1543-1 (incl. SIPLUS variants) (All versions <... Moderate Unreviewed

CVE-2021-33716 was published May 24, 2022

IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI displays user... Moderate Unreviewed

CVE-2021-29904 was published May 24, 2022

RICON Industrial Cellular Router S9922L 16.10.3(3794) is affected by cleartext storage of... Moderate Unreviewed

CVE-2021-36165 was published May 24, 2022

IBM Data Risk Manager 2.0.6 stores user credentials in plain clear text which can be read by an... Moderate Unreviewed

CVE-2021-38915 was published May 24, 2022

Rich Text Edit Control Information Disclosure Vulnerability Moderate Unreviewed

CVE-2021-40454 was published May 24, 2022

IBM Security Risk Manager on CP4S 1.7.0.0 stores user credentials in plain clear text which can... Moderate Unreviewed

CVE-2021-38911 was published May 24, 2022

Exposure of senstive information to an unauthorised actor in the "com.onepeloton.erlich" mobile... High Unreviewed

CVE-2021-40527 was published May 24, 2022

IBM Jazz Team Server products stores user credentials in clear text which can be read by an... Moderate Unreviewed

CVE-2021-29786 was published May 24, 2022

A unprotected storage of credentials in Fortinet FortiSIEM Windows Agent version 4.1.4 and below... Moderate Unreviewed

CVE-2021-41023 was published May 24, 2022

A cleartext storage of sensitive information in GUI in FortiADC versions 5.4.3 and below, 6.0.0... Moderate Unreviewed

CVE-2020-15935 was published May 24, 2022

Couchbase Server before 6.6.3 and 7.x before 7.0.2 stores Sensitive Information in Cleartext. The... High Unreviewed

CVE-2021-42763 was published May 24, 2022

metakv in Couchbase Server 7.0.0 uses Cleartext for Storage of Sensitive Information. Remote... High Unreviewed

CVE-2021-37842 was published May 24, 2022

Delta Electronics DIALink versions 1.2.4.0 and prior stores sensitive information in cleartext,... High Unreviewed

CVE-2021-38422 was published May 24, 2022

A vulnerability of storing sensitive information insecurely in Property Settings prior to SMR Nov... Moderate Unreviewed

CVE-2021-25502 was published May 24, 2022

A password mismanagement situation exists in XoruX LPAR2RRD and STOR2RRD before 7.30 because... High Unreviewed

CVE-2021-42370 was published May 24, 2022

A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.12). The... Moderate Unreviewed

CVE-2020-10053 was published May 24, 2022

An issue was discovered in OpenGamePanel OGP-Agent-Linux through 2021-08-14. $HOME/OGP/Cfg/Config... High Unreviewed

CVE-2021-37157 was published May 24, 2022

IBM MQ 7.5, 8.0, 9.0 LTS, 9.1 CD, and 9.1 LTS stores user credentials in plain clear text which... Moderate Unreviewed

CVE-2021-38949 was published May 24, 2022

IBM Security Key Lifecycle Manager 3.0 and 3.0.1 stores user credentials in plain in clear text... Low Unreviewed

CVE-2019-4566 was published May 24, 2022

Jenkins NeuVector Vulnerability Scanner Plugin stored credentials in plain text Moderate

CVE-2019-10430 was published for io.jenkins.plugins:neuvector-vulnerability-scanner (Maven) May 24, 2022

IBM Security Guardium Big Data Intelligence (SonarG) 4.0 stores sensitive information in... Moderate Unreviewed

CVE-2019-4314 was published May 24, 2022

Previous 1…11…26 Next

Previous 1 2 … 9 10 11 12 13 … 25 26 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

640 advisories