Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

295 advisories

Loading
The Android mobile application BlueCats Reveal before 3.0.19 stores the username and password in... High Unreviewed
CVE-2019-5626 was published May 24, 2022
An insecure storage of sensitive information vulnerability is present in Hickory Smart for iOS... Moderate Unreviewed
CVE-2019-5633 was published May 24, 2022
In KeyStore, there is a possible storage of symmetric keys in the TEE instead of the strongbox... Moderate Unreviewed
CVE-2019-9253 was published May 24, 2022
The JetBrains Vim plugin before version 0.52 was storing individual project data in the global... Moderate Unreviewed
CVE-2019-14957 was published May 24, 2022
IBM Security Directory Server 6.4.0 discloses sensitive information to unauthorized users. The... Moderate Unreviewed
CVE-2019-4549 was published May 24, 2022
Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote... Moderate Unreviewed
CVE-2019-13717 was published May 24, 2022
Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote... Moderate Unreviewed
CVE-2019-13719 was published May 24, 2022
An information disclosure vulnerability exists when attaching files to Outlook messages, aka ... Moderate Unreviewed
CVE-2020-1493 was published May 24, 2022
IBM Security Guardium Insights 2.0.1 stores sensitive information in URL parameters. This may... Moderate Unreviewed
CVE-2020-4172 was published May 24, 2022
An issue was discovered in Gradle Enterprise 2017.1 - 2020.2.4. Unrestricted access to a high... High Unreviewed
CVE-2020-15775 was published May 24, 2022
In constructImportFailureNotification of NotificationImportExportListener.java, there is a... Low Unreviewed
CVE-2020-0422 was published May 24, 2022
This issue was addresses by updating incorrect URLSession file descriptors management logic to... Moderate Unreviewed
CVE-2019-8790 was published May 24, 2022
This issue was resolved by replacing device names with a random identifier. This issue is fixed... Low Unreviewed
CVE-2019-8799 was published May 24, 2022
NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contains a... Moderate Unreviewed
CVE-2020-11484 was published May 24, 2022
An information disclosure issue existed in the handling of the Storage Access API. This issue was... Moderate Unreviewed
CVE-2019-8898 was published May 24, 2022
Sectona Spectra before 3.4.0 has a vulnerable SOAP API endpoint that leaks sensitive information... High Unreviewed
CVE-2020-25966 was published May 24, 2022
IBM InfoSphere Information Server 11.7 stores sensitive information in the browser's history that... Low Unreviewed
CVE-2020-4886 was published May 24, 2022
A misconfiguration in the debug interface in Mercedes-Benz HERMES 1 allows an attacker with... Low Unreviewed
CVE-2019-19557 was published May 24, 2022
An authentication bypass in the debug interface in Mercedes-Benz HERMES 1.5 allows an attacker... Moderate Unreviewed
CVE-2019-19560 was published May 24, 2022
A misconfiguration in the debug interface in Mercedes-Benz HERMES 1.5 allows an attacker with... Low Unreviewed
CVE-2019-19561 was published May 24, 2022
An authentication bypass in the debug interface in Mercedes-Benz HERMES 2.1 allows an attacker... Moderate Unreviewed
CVE-2019-19562 was published May 24, 2022
Slurm before 19.05.8 and 20.x before 20.02.6 exposes Sensitive Information to an Unauthorized... Moderate Unreviewed
CVE-2020-27746 was published May 24, 2022
IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 allows web pages to... Low Unreviewed
CVE-2020-4906 was published May 24, 2022
An issue was discovered in tangro Business Workflow before 1.18.1. No (or broken) access control... Moderate Unreviewed
CVE-2020-26176 was published May 24, 2022
There is an information disclosure vulnerability in TE Mobile software versions V600R006C10... Moderate Unreviewed
CVE-2020-9202 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database