Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,154
NuGet
736
pip
3,953
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

641 advisories

Loading
GigaVUE-OS (GVOS) 5.4 - 5.9 stores a Redis database password in plaintext. Moderate Unreviewed
CVE-2020-23249 was published May 24, 2022
A vulnerability has been reported to affect QNAP NAS. If exploited, this vulnerability allows an... High Unreviewed
CVE-2018-19941 was published May 24, 2022
NCH Express Accounts 8.24 and earlier allows local users to discover the cleartext password by... Moderate Unreviewed
CVE-2020-13473 was published May 24, 2022
IBM Security Secret Server 10.6 stores potentially sensitive information in config files that... Moderate Unreviewed
CVE-2020-4843 was published May 24, 2022
An issue was discovered in URVE Build 24.03.2020. The password of an integration user account ... High Unreviewed
CVE-2020-29550 was published May 24, 2022
Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an... High Unreviewed
CVE-2020-29583 was published May 24, 2022
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 and 6.0.0.0 through 6.0.3.1... Moderate Unreviewed
CVE-2019-4738 was published May 24, 2022
Ceph-ansible 4.0.34.1 creates /etc/ceph/iscsi-gateway.conf with insecure default permissions,... Moderate Unreviewed
CVE-2020-25677 was published May 24, 2022
An issue was discovered in the view_statistics (aka View frontend statistics) extension before 2... Moderate Unreviewed
CVE-2020-28917 was published May 24, 2022
Unprotected Storage of Credentials vulnerability in BASETech GE-131 BT-1837836 firmware 20180921... Moderate Unreviewed
CVE-2020-27557 was published May 24, 2022
An issue was discovered in Aviatrix Controller before R5.3.1151. Encrypted key values are stored... High Unreviewed
CVE-2020-26551 was published May 24, 2022
The implementation of Brave Desktop's privacy-preserving analytics system (P3A) between 1.1 and 1... Moderate Unreviewed
CVE-2020-8276 was published May 24, 2022
A cleartext storage of sensitive information vulnerability in FortiOS command line interface in... Moderate Unreviewed
CVE-2020-6648 was published May 24, 2022
The installation procedure in BigBlueButton before 2.2.28 (or earlier) uses ClueCon as the... High Unreviewed
CVE-2020-27613 was published May 24, 2022
A cleartext storage of sensitive information in Nextcloud Desktop Client 2.6.4 gave away... High Unreviewed
CVE-2020-8225 was published May 24, 2022
Passwords stored in plain text by ElasTest Plugin Moderate
CVE-2020-2274 was published for org.jenkins-ci.plugins:elastest (Maven) May 24, 2022
NotMyFault
An issue was discovered on Nescomed Multipara Monitor M1000 devices. The onboard Flash memory... Low Unreviewed
CVE-2020-15485 was published May 24, 2022
A CWE-316: Cleartext Storage of Sensitive Information in Memory vulnerability exists in Easergy... Low Unreviewed
CVE-2020-7516 was published May 24, 2022
Baxter ExactaMix EM 2400 Versions 1.10, 1.11 and ExactaMix EM1200 Versions 1.1, 1.2 systems store... Moderate Unreviewed
CVE-2020-12032 was published May 24, 2022
BIOTRONIK CardioMessenger II, The affected products do not encrypt sensitive information while at... Low Unreviewed
CVE-2019-18254 was published May 24, 2022
nsufficiently Protected Credentials in ActiveMQ Artemis Moderate
CVE-2020-10727 was published for org.apache.activemq:artemis-commons (Maven) May 24, 2022
MiR controllers across firmware versions 2.8.1.1 and before do not encrypt or protect in any way... High Unreviewed
CVE-2020-10273 was published May 24, 2022
An issue was discovered in the stashcat app through 3.9.2 for macOS, Windows, Android, iOS, and... Moderate Unreviewed
CVE-2020-13637 was published May 24, 2022
A cleartext storage in a file or on disk (CWE-313) vulnerability in FortiOS SSL VPN 6.2.2 and... Moderate Unreviewed
CVE-2019-17655 was published May 24, 2022
D-Link DIR-865L Ax 1.20B01 Beta devices have Cleartext Storage of Sensitive Information. High Unreviewed
CVE-2020-13783 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database