Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,154
NuGet
736
pip
3,953
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

641 advisories

Loading
Dell EMC Unity, UnityVSA, and Unity XT versions prior to 5.0.7.0.5.008 contain a plain-text... Moderate Unreviewed
CVE-2021-21547 was published May 24, 2022
Etherpad <1.8.3 stored passwords used by users insecurely in the database and in log files. This... Moderate Unreviewed
CVE-2020-22783 was published May 24, 2022
In Hardware Sentry KM before 10.0.01 for BMC PATROL, a cleartext password may be discovered after... High Unreviewed
CVE-2021-31791 was published May 24, 2022
Wowza Streaming Engine through 4.8.5 (in a default installation) has cleartext passwords stored... Moderate Unreviewed
CVE-2021-31539 was published May 24, 2022
An internal product security audit of Lenovo XClarity Controller (XCC) discovered that the XCC... Moderate Unreviewed
CVE-2021-3473 was published May 24, 2022
Sensitive smart card data is logged in default INFO logs by Teradici's PCoIP Connection Manager... Moderate Unreviewed
CVE-2021-25692 was published May 24, 2022
Cleartext Storage in a File or on Disk in TimelyBills <= 1.7.0 for iOS and versions <= 1.21.115... Moderate Unreviewed
CVE-2021-26833 was published May 24, 2022
An issue was discovered in WiZ Colors A60 1.14.0. API credentials are locally logged. Moderate Unreviewed
CVE-2020-11923 was published May 24, 2022
An issue was discovered in WiZ Colors A60 1.14.0. Wi-Fi credentials are stored in cleartext in... Moderate Unreviewed
CVE-2020-11924 was published May 24, 2022
A security vulnerability in HPE Unified Data Management (UDM) could allow the local disclosure of... Moderate Unreviewed
CVE-2021-26579 was published May 24, 2022
IBM UrbanCode Deploy (UCD) 7.0.3.0, 7.0.4.0, 7.0.5.3, 7.0.5.4, 7.1.0.0, 7.1.1.0, 7.1.1.1, and 7.1... Moderate Unreviewed
CVE-2020-4944 was published May 24, 2022
IBM UrbanCode Deploy (UCD) 6.2.7.9, 7.0.5.4, and 7.1.1.1 stores user credentials in plain in... Moderate Unreviewed
CVE-2020-4884 was published May 24, 2022
The /password.html page of the Web management interface of the Acexy Wireless-N WiFi Repeater REV... High Unreviewed
CVE-2021-28937 was published May 24, 2022
In all versions of GitLab starting from 13.7, marshalled session keys were being stored in Redis. Moderate Unreviewed
CVE-2021-22194 was published May 24, 2022
The Debian courier-authlib package before 0.71.1-2 for Courier Authentication Library creates a ... High Unreviewed
CVE-2021-28374 was published May 24, 2022
SaltStack Salt Cleartext Storage of Sensitive Information via cmdmod Moderate
CVE-2021-25284 was published for salt (pip) May 24, 2022
** UNSUPPORTED WHEN ASSIGNED ** In Directus 8.x through 8.8.1, an attacker can learn sensitive... Moderate Unreviewed
CVE-2021-26595 was published May 24, 2022
** DISPUTED ** Genymotion Desktop through 3.2.0 leaks the host's clipboard data to the Android... Moderate Unreviewed
CVE-2021-27549 was published May 24, 2022
The ownCloud application before 2.15 for Android allows attackers to use adb to include a PIN... Moderate Unreviewed
CVE-2020-36248 was published May 24, 2022
Debug message containing addresses of memory transactions in some Intel(R) 10th Generation Core... Moderate Unreviewed
CVE-2020-24491 was published May 24, 2022
An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. On the admin portal of the web... Moderate Unreviewed
CVE-2021-27233 was published May 24, 2022
Telegram before 7.4 (212543) Stable on macOS stores the local copy of self-destructed messages in... Moderate Unreviewed
CVE-2021-27205 was published May 24, 2022
TP-Link Archer C5v 1.7_181221 devices allows remote attackers to retrieve cleartext credentials... Moderate Unreviewed
CVE-2021-27210 was published May 24, 2022
Telegram before 7.4 (212543) Stable on macOS stores the local passcode in cleartext, leading to... Moderate Unreviewed
CVE-2021-27204 was published May 24, 2022
IBM Security Verify Information Queue 1.0.6 and 1.0.7 could disclose highly sensitive information... Moderate Unreviewed
CVE-2021-20408 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database