Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,154
NuGet
736
pip
3,953
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

641 advisories

Loading
metakv in Couchbase Server 7.0.0 uses Cleartext for Storage of Sensitive Information. Remote... High Unreviewed
CVE-2021-37842 was published May 24, 2022
Couchbase Server before 6.6.3 and 7.x before 7.0.2 stores Sensitive Information in Cleartext. The... High Unreviewed
CVE-2021-42763 was published May 24, 2022
A unprotected storage of credentials in Fortinet FortiSIEM Windows Agent version 4.1.4 and below... Moderate Unreviewed
CVE-2021-41023 was published May 24, 2022
A cleartext storage of sensitive information in GUI in FortiADC versions 5.4.3 and below, 6.0.0... Moderate Unreviewed
CVE-2020-15935 was published May 24, 2022
IBM Jazz Team Server products stores user credentials in clear text which can be read by an... Moderate Unreviewed
CVE-2021-29786 was published May 24, 2022
Exposure of senstive information to an unauthorised actor in the "com.onepeloton.erlich" mobile... High Unreviewed
CVE-2021-40527 was published May 24, 2022
IBM Security Risk Manager on CP4S 1.7.0.0 stores user credentials in plain clear text which can... Moderate Unreviewed
CVE-2021-38911 was published May 24, 2022
Rich Text Edit Control Information Disclosure Vulnerability Moderate Unreviewed
CVE-2021-40454 was published May 24, 2022
IBM Data Risk Manager 2.0.6 stores user credentials in plain clear text which can be read by an... Moderate Unreviewed
CVE-2021-38915 was published May 24, 2022
RICON Industrial Cellular Router S9922L 16.10.3(3794) is affected by cleartext storage of... Moderate Unreviewed
CVE-2021-36165 was published May 24, 2022
IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI displays user... Moderate Unreviewed
CVE-2021-29904 was published May 24, 2022
A vulnerability has been identified in SIMATIC CP 1543-1 (incl. SIPLUS variants) (All versions <... Moderate Unreviewed
CVE-2021-33716 was published May 24, 2022
When an attacker manages to get access to the local memory, or the memory dump of a victim, for... Moderate Unreviewed
CVE-2021-38150 was published May 24, 2022
An issue obscuring passwords in screenshots was addressed with improved logic. This issue is... Moderate Unreviewed
CVE-2021-1865 was published May 24, 2022
Incorrect Access Control in Autumn v1.0.4 and earlier allows remote attackers to obtain clear... High Unreviewed
CVE-2020-19137 was published May 24, 2022
Generated Support Bundles contains private S/MIME and PGP keys if containing folder is not hidden... Moderate Unreviewed
CVE-2021-36096 was published May 24, 2022
An issue was discovered in PrimeKey EJBCA before 7.6.0. When audit logging changes to the alias... Moderate Unreviewed
CVE-2021-40087 was published May 24, 2022
A user with permission to log on to the machine hosting the AXIS Device Manager client could... Moderate Unreviewed
CVE-2021-31989 was published May 24, 2022
In Octopus Server after version 2018.8.2 if the Octopus Server Web Request Proxy is configured... High Unreviewed
CVE-2021-31820 was published May 24, 2022
UCWeb UC 12.12.3.1219 through 12.12.3.1226 uses cleartext HTTP, and thus man-in-the-middle... Moderate Unreviewed
CVE-2020-36473 was published May 24, 2022
An information disclosure vulnerability exists in the EPA protocol of Dut Computer Control... High Unreviewed
CVE-2020-18759 was published May 24, 2022
In JetBrains TeamCity before 2021.1, passwords in cleartext sometimes could be stored in VCS. High Unreviewed
CVE-2021-37548 was published May 24, 2022
Liferay Portal and Liferay DXP autosaves form data for other users to see High
CVE-2021-33323 was published for com.liferay.portal:release.dxp.bom (Maven) May 24, 2022
Liferay Portal and Liferay DXP Stores User Passwords in Cleartext Moderate
CVE-2021-33325 was published for com.liferay.portal:release.dxp.bom (Maven) May 24, 2022
The restricted shell provided by Akkadian Provisioning Manager Engine (PME) can be escaped by... Moderate Unreviewed
CVE-2021-31581 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database