Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

538 advisories

Loading
BIOTRONIK CardioMessenger II, The affected products do not encrypt sensitive information while at... Low Unreviewed
CVE-2019-18254 was published May 24, 2022
MiR controllers across firmware versions 2.8.1.1 and before do not encrypt or protect in any way... High Unreviewed
CVE-2020-10273 was published May 24, 2022
An issue was discovered in the stashcat app through 3.9.2 for macOS, Windows, Android, iOS, and... Moderate Unreviewed
CVE-2020-13637 was published May 24, 2022
A cleartext storage in a file or on disk (CWE-313) vulnerability in FortiOS SSL VPN 6.2.2 and... Moderate Unreviewed
CVE-2019-17655 was published May 24, 2022
D-Link DIR-865L Ax 1.20B01 Beta devices have Cleartext Storage of Sensitive Information. High Unreviewed
CVE-2020-13783 was published May 24, 2022
If LibreOffice has an encrypted document open and crashes, that document is auto-saved encrypted.... Moderate Unreviewed
CVE-2020-12801 was published May 24, 2022
A flaw was found in OpenShift Container Platform where OAuth tokens are not encrypted when the... Moderate Unreviewed
CVE-2020-10706 was published May 24, 2022
In Rukovoditel 2.5.2, users' passwords and usernames are stored in a cookie with URL encoding,... Moderate Unreviewed
CVE-2020-11821 was published May 24, 2022
In JetBrains PyCharm 2019.2.5 and 2019.3 on Windows, Apple Notarization Service credentials were... Moderate Unreviewed
CVE-2020-11694 was published May 24, 2022
Universal Robots control box CB 3.1 across firmware versions (tested on 1.12.1, 1.12, 1.11 and 1... High Unreviewed
CVE-2020-10267 was published May 24, 2022
D-Link DSL-2875AL and DSL-2877AL devices through 1.00.05 are prone to information disclosure via... Moderate Unreviewed
CVE-2019-15656 was published May 24, 2022
A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR... Low Unreviewed
CVE-2019-19291 was published May 24, 2022
A vulnerability was found in business-central, as shipped in rhdm-7.5.1 and rhpam-7.5.1, where... Moderate Unreviewed
CVE-2019-14886 was published May 24, 2022
If a user saved passwords before Thunderbird 60 and then later set a master password, an... Moderate Unreviewed
CVE-2020-6794 was published May 24, 2022
IBL Online Weather before 4.3.5a allows attackers to obtain sensitive information by reading the... Moderate Unreviewed
CVE-2020-9407 was published May 24, 2022
Moxa ioLogik 2542-HSPA Series Controllers and IOs, and IOxpress Configuration Utility ioLogik... Moderate Unreviewed
CVE-2019-18238 was published May 24, 2022
A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR... Moderate Unreviewed
CVE-2019-13947 was published May 24, 2022
An attacker with low privilege could retrieve usernames and passwords credentials from the new... High Unreviewed
CVE-2019-14890 was published May 24, 2022
Dell ImageAssist versions prior to 8.7.15 contain an information disclosure vulnerability. Dell... High Unreviewed
CVE-2019-3767 was published May 24, 2022
A security vulnerability exists in Zingbox Inspector versions 1.294 and earlier, that results in... High Unreviewed
CVE-2019-15023 was published May 24, 2022
In Bitcoin Core 0.18.0, bitcoin-qt stores wallet.dat data unencrypted in memory. Upon a crash, it... Moderate Unreviewed
CVE-2019-15947 was published May 24, 2022
Dell EMC PowerConnect 8024, 7000, M6348, M6220, M8024 and M8024-K running firmware versions prior... Moderate Unreviewed
CVE-2019-3753 was published May 24, 2022
TronLink Wallet 2.2.0 stores user wallet keystore in plaintext and places them in insecure... Critical Unreviewed
CVE-2019-13096 was published May 24, 2022
Information leak in autofill in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to... Moderate Unreviewed
CVE-2019-5810 was published May 24, 2022
IBM Maximo Asset Management 7.6 could allow a an authenticated user to replace a target page with... Moderate Unreviewed
CVE-2018-2028 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database