Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

538 advisories

Loading
IBM Spectrum Protect Plus 10.1.0 through 10.1.6 may include sensitive information in its URLs... High Unreviewed
CVE-2020-5018 was published May 24, 2022
A flaw was found in ceph in versions prior to 16.y.z where ceph stores mgr module passwords in... Moderate Unreviewed
CVE-2020-25678 was published May 24, 2022
An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55.... High Unreviewed
CVE-2020-24577 was published May 24, 2022
Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage... Moderate Unreviewed
CVE-2020-29500 was published May 24, 2022
Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage... Moderate Unreviewed
CVE-2020-29501 was published May 24, 2022
Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage... Moderate Unreviewed
CVE-2020-29502 was published May 24, 2022
Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.0.4.0.5.012 contains a plain-text... Moderate Unreviewed
CVE-2020-29489 was published May 24, 2022
GigaVUE-OS (GVOS) 5.4 - 5.9 stores a Redis database password in plaintext. Moderate Unreviewed
CVE-2020-23249 was published May 24, 2022
A vulnerability has been reported to affect QNAP NAS. If exploited, this vulnerability allows an... High Unreviewed
CVE-2018-19941 was published May 24, 2022
NCH Express Accounts 8.24 and earlier allows local users to discover the cleartext password by... Moderate Unreviewed
CVE-2020-13473 was published May 24, 2022
IBM Security Secret Server 10.6 stores potentially sensitive information in config files that... Moderate Unreviewed
CVE-2020-4843 was published May 24, 2022
An issue was discovered in URVE Build 24.03.2020. The password of an integration user account ... High Unreviewed
CVE-2020-29550 was published May 24, 2022
Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an... High Unreviewed
CVE-2020-29583 was published May 24, 2022
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 and 6.0.0.0 through 6.0.3.1... Moderate Unreviewed
CVE-2019-4738 was published May 24, 2022
Ceph-ansible 4.0.34.1 creates /etc/ceph/iscsi-gateway.conf with insecure default permissions,... Moderate Unreviewed
CVE-2020-25677 was published May 24, 2022
An issue was discovered in the view_statistics (aka View frontend statistics) extension before 2... Moderate Unreviewed
CVE-2020-28917 was published May 24, 2022
Unprotected Storage of Credentials vulnerability in BASETech GE-131 BT-1837836 firmware 20180921... Moderate Unreviewed
CVE-2020-27557 was published May 24, 2022
An issue was discovered in Aviatrix Controller before R5.3.1151. Encrypted key values are stored... High Unreviewed
CVE-2020-26551 was published May 24, 2022
The implementation of Brave Desktop's privacy-preserving analytics system (P3A) between 1.1 and 1... Moderate Unreviewed
CVE-2020-8276 was published May 24, 2022
A cleartext storage of sensitive information vulnerability in FortiOS command line interface in... Moderate Unreviewed
CVE-2020-6648 was published May 24, 2022
The installation procedure in BigBlueButton before 2.2.28 (or earlier) uses ClueCon as the... High Unreviewed
CVE-2020-27613 was published May 24, 2022
A cleartext storage of sensitive information in Nextcloud Desktop Client 2.6.4 gave away... High Unreviewed
CVE-2020-8225 was published May 24, 2022
An issue was discovered on Nescomed Multipara Monitor M1000 devices. The onboard Flash memory... Low Unreviewed
CVE-2020-15485 was published May 24, 2022
A CWE-316: Cleartext Storage of Sensitive Information in Memory vulnerability exists in Easergy... Low Unreviewed
CVE-2020-7516 was published May 24, 2022
Baxter ExactaMix EM 2400 Versions 1.10, 1.11 and ExactaMix EM1200 Versions 1.1, 1.2 systems store... Moderate Unreviewed
CVE-2020-12032 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database