GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,835
Composer 4,870
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,926
npm 4,126
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,021
Swift 39

Unreviewed advisories

All unreviewed 269,189

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

640 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

SaltStack Salt Cleartext Storage of Sensitive Information via cmdmod Moderate

CVE-2021-25284 was published for salt (pip) May 24, 2022

The Debian courier-authlib package before 0.71.1-2 for Courier Authentication Library creates a ... High Unreviewed

CVE-2021-28374 was published May 24, 2022

In all versions of GitLab starting from 13.7, marshalled session keys were being stored in Redis. Moderate Unreviewed

CVE-2021-22194 was published May 24, 2022

The /password.html page of the Web management interface of the Acexy Wireless-N WiFi Repeater REV... High Unreviewed

CVE-2021-28937 was published May 24, 2022

IBM UrbanCode Deploy (UCD) 7.0.3.0, 7.0.4.0, 7.0.5.3, 7.0.5.4, 7.1.0.0, 7.1.1.0, 7.1.1.1, and 7.1... Moderate Unreviewed

CVE-2020-4944 was published May 24, 2022

IBM UrbanCode Deploy (UCD) 6.2.7.9, 7.0.5.4, and 7.1.1.1 stores user credentials in plain in... Moderate Unreviewed

CVE-2020-4884 was published May 24, 2022

A security vulnerability in HPE Unified Data Management (UDM) could allow the local disclosure of... Moderate Unreviewed

CVE-2021-26579 was published May 24, 2022

An issue was discovered in WiZ Colors A60 1.14.0. Wi-Fi credentials are stored in cleartext in... Moderate Unreviewed

CVE-2020-11924 was published May 24, 2022

An issue was discovered in WiZ Colors A60 1.14.0. API credentials are locally logged. Moderate Unreviewed

CVE-2020-11923 was published May 24, 2022

Cleartext Storage in a File or on Disk in TimelyBills <= 1.7.0 for iOS and versions <= 1.21.115... Moderate Unreviewed

CVE-2021-26833 was published May 24, 2022

Sensitive smart card data is logged in default INFO logs by Teradici's PCoIP Connection Manager... Moderate Unreviewed

CVE-2021-25692 was published May 24, 2022

An internal product security audit of Lenovo XClarity Controller (XCC) discovered that the XCC... Moderate Unreviewed

CVE-2021-3473 was published May 24, 2022

Wowza Streaming Engine through 4.8.5 (in a default installation) has cleartext passwords stored... Moderate Unreviewed

CVE-2021-31539 was published May 24, 2022

In Hardware Sentry KM before 10.0.01 for BMC PATROL, a cleartext password may be discovered after... High Unreviewed

CVE-2021-31791 was published May 24, 2022

Etherpad <1.8.3 stored passwords used by users insecurely in the database and in log files. This... Moderate Unreviewed

CVE-2020-22783 was published May 24, 2022

Dell EMC Unity, UnityVSA, and Unity XT versions prior to 5.0.7.0.5.008 contain a plain-text... Moderate Unreviewed

CVE-2021-21547 was published May 24, 2022

An issue has been discovered in GitLab affecting all versions starting from 11.6. Pull mirror... Moderate Unreviewed

CVE-2021-22206 was published May 24, 2022

An issue was discovered in Couchbase Server before 6.0.5, 6.1.x through 6.5.x before 6.5.2, and 6... Moderate Unreviewed

CVE-2021-25645 was published May 24, 2022

In multiple managed switches by WAGO in different versions the webserver cookies of the web based... High Unreviewed

CVE-2021-20995 was published May 24, 2022

Cleartext storage of sensitive information in multiple versions of Octopus Server where in... High Unreviewed

CVE-2021-30183 was published May 24, 2022

An issue was discovered in Couchbase Server 5.x and 6.x through 6.6.1 and 7.0.0 Beta. Incorrect... High Unreviewed

CVE-2021-25644 was published May 24, 2022

IBM Security Identity Manager 7.0.2 stores user credentials in plain clear text which can be read... Moderate Unreviewed

CVE-2021-29683 was published May 24, 2022

In Versa Director, the unencrypted backup files stored on the Versa deployment contain... Moderate Unreviewed

CVE-2018-16498 was published May 24, 2022

Some PON MDU devices of ZTE stored sensitive information in plaintext, and users with login... Moderate Unreviewed

CVE-2021-21734 was published May 24, 2022

KDE Messagelib through 5.17.0 reveals cleartext of encrypted messages in some situations.... Moderate Unreviewed

CVE-2021-31855 was published May 24, 2022

Previous 1…9…26 Next

Previous 1 2 … 7 8 9 10 11 … 25 26 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

640 advisories