GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,903
Maven: 5,000+
npm: 3,632
NuGet: 638
pip: 3,249
Pub: 10
RubyGems: 864
Rust: 818
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
136 advisories
In constructImportFailureNotification of NotificationImportExportListener.java, there is a...
Low | Unreviewed | CVE-2020-0422 was published May 24, 2022

An issue was discovered in Gradle Enterprise 2017.1 - 2020.2.4. Unrestricted access to a high...
High | Unreviewed | CVE-2020-15775 was published May 24, 2022

IBM Security Guardium Insights 2.0.1 stores sensitive information in URL parameters. This may...
Moderate | Unreviewed | CVE-2020-4172 was published May 24, 2022

An information disclosure vulnerability exists when attaching files to Outlook messages, aka ...
Moderate | Unreviewed | CVE-2020-1493 was published May 24, 2022

Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote...
Moderate | Unreviewed | CVE-2019-13717 was published May 24, 2022

Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote...
Moderate | Unreviewed | CVE-2019-13719 was published May 24, 2022

IBM Security Directory Server 6.4.0 discloses sensitive information to unauthorized users. The...
Moderate | Unreviewed | CVE-2019-4549 was published May 24, 2022

The JetBrains Vim plugin before version 0.52 was storing individual project data in the global...
Moderate | Unreviewed | CVE-2019-14957 was published May 24, 2022

In KeyStore, there is a possible storage of symmetric keys in the TEE instead of the strongbox...
Moderate | Unreviewed | CVE-2019-9253 was published May 24, 2022

An insecure storage of sensitive information vulnerability is present in Hickory Smart for iOS...
Moderate | Unreviewed | CVE-2019-5633 was published May 24, 2022

The Android mobile application BlueCats Reveal before 3.0.19 stores the username and password in...
High | Unreviewed | CVE-2019-5626 was published May 24, 2022

The iOS mobile application BlueCats Reveal before 5.14 stores the username and password in the...
High | Unreviewed | CVE-2019-5627 was published May 24, 2022

SUSE Manager until version 4.0.7 and Uyuni until commit 1b426ad5ed0a7191a6fb46bb83e98ae4b99a5ade...
Moderate | Unreviewed | CVE-2019-3684 was published May 24, 2022

Dahua IP Camera devices 3.200.0001.6 can be exploited via these steps: 1. Use the default low...
High | Unreviewed | CVE-2017-7253 was published May 13, 2022

USB Pratirodh is prone to sensitive information disclosure. It stores sensitive information such...
Moderate | Unreviewed | CVE-2017-6911 was published May 13, 2022

SanDisk Secure Access 3.01 vault decrypts and copies encrypted files to a temporary folder, where...
Moderate | Unreviewed | CVE-2017-16560 was published May 13, 2022

An information disclosure vulnerability in File-Based Encryption could enable a local malicious...
Moderate | Unreviewed | CVE-2017-0493 was published May 13, 2022

Sensitive Data Exposure Due To Insecure Storage Of Profile Image in GitHub repository polonel...
Moderate | Unreviewed | CVE-2022-1044 was published May 13, 2022

Insecure password handling vulnerability in Strapi
High | CVE-2021-46440 was published for @strapi/strapi (npm) May 4, 2022

An insecure data storage vulnerability allows a physical attacker with root privileges to...
Low | Unreviewed | CVE-2021-25266 was published Apr 28, 2022

Insecure storage of sensitive information vulnerability in MA for Linux, macOS, and Windows prior...
Moderate | Unreviewed | CVE-2022-1257 was published Apr 15, 2022

Philips Gemini PET/CT family software stores sensitive information in a removable media device...
Low | Unreviewed | CVE-2021-27456 was published Mar 24, 2022

Spoofing attack in swagger-ui
Moderate | CVE-2018-25031 was published for swagger-ui (npm) Mar 12, 2022

Insecure Storage of Sensitive Information in GitHub repository chocobozzz/peertube prior to 4.1.1.
Moderate | Unreviewed | CVE-2022-0881 was published Mar 10, 2022

In JetBrains TeamCity before 2021.2.3, environment variables of the "password" type could be...
High | Unreviewed | CVE-2022-25264 was published Feb 26, 2022

ProTip! Advisories are also available from the GraphQL API.