Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

136 advisories

Loading
In constructImportFailureNotification of NotificationImportExportListener.java, there is a... Low Unreviewed
CVE-2020-0422 was published May 24, 2022
An issue was discovered in Gradle Enterprise 2017.1 - 2020.2.4. Unrestricted access to a high... High Unreviewed
CVE-2020-15775 was published May 24, 2022
IBM Security Guardium Insights 2.0.1 stores sensitive information in URL parameters. This may... Moderate Unreviewed
CVE-2020-4172 was published May 24, 2022
An information disclosure vulnerability exists when attaching files to Outlook messages, aka ... Moderate Unreviewed
CVE-2020-1493 was published May 24, 2022
Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote... Moderate Unreviewed
CVE-2019-13717 was published May 24, 2022
Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote... Moderate Unreviewed
CVE-2019-13719 was published May 24, 2022
IBM Security Directory Server 6.4.0 discloses sensitive information to unauthorized users. The... Moderate Unreviewed
CVE-2019-4549 was published May 24, 2022
The JetBrains Vim plugin before version 0.52 was storing individual project data in the global... Moderate Unreviewed
CVE-2019-14957 was published May 24, 2022
In KeyStore, there is a possible storage of symmetric keys in the TEE instead of the strongbox... Moderate Unreviewed
CVE-2019-9253 was published May 24, 2022
An insecure storage of sensitive information vulnerability is present in Hickory Smart for iOS... Moderate Unreviewed
CVE-2019-5633 was published May 24, 2022
The Android mobile application BlueCats Reveal before 3.0.19 stores the username and password in... High Unreviewed
CVE-2019-5626 was published May 24, 2022
The iOS mobile application BlueCats Reveal before 5.14 stores the username and password in the... High Unreviewed
CVE-2019-5627 was published May 24, 2022
SUSE Manager until version 4.0.7 and Uyuni until commit 1b426ad5ed0a7191a6fb46bb83e98ae4b99a5ade... Moderate Unreviewed
CVE-2019-3684 was published May 24, 2022
Dahua IP Camera devices 3.200.0001.6 can be exploited via these steps: 1. Use the default low... High Unreviewed
CVE-2017-7253 was published May 13, 2022
USB Pratirodh is prone to sensitive information disclosure. It stores sensitive information such... Moderate Unreviewed
CVE-2017-6911 was published May 13, 2022
SanDisk Secure Access 3.01 vault decrypts and copies encrypted files to a temporary folder, where... Moderate Unreviewed
CVE-2017-16560 was published May 13, 2022
An information disclosure vulnerability in File-Based Encryption could enable a local malicious... Moderate Unreviewed
CVE-2017-0493 was published May 13, 2022
Sensitive Data Exposure Due To Insecure Storage Of Profile Image in GitHub repository polonel... Moderate Unreviewed
CVE-2022-1044 was published May 13, 2022
Insecure password handling vulnerability in Strapi High
CVE-2021-46440 was published for @strapi/strapi (npm) May 4, 2022
An insecure data storage vulnerability allows a physical attacker with root privileges to... Low Unreviewed
CVE-2021-25266 was published Apr 28, 2022
Insecure storage of sensitive information vulnerability in MA for Linux, macOS, and Windows prior... Moderate Unreviewed
CVE-2022-1257 was published Apr 15, 2022
Philips Gemini PET/CT family software stores sensitive information in a removable media device... Low Unreviewed
CVE-2021-27456 was published Mar 24, 2022
Spoofing attack in swagger-ui Moderate
CVE-2018-25031 was published for swagger-ui (npm) Mar 12, 2022
Insecure Storage of Sensitive Information in GitHub repository chocobozzz/peertube prior to 4.1.1. Moderate Unreviewed
CVE-2022-0881 was published Mar 10, 2022
In JetBrains TeamCity before 2021.2.3, environment variables of the "password" type could be... High Unreviewed
CVE-2022-25264 was published Feb 26, 2022
ProTip! Advisories are also available from the GraphQL API