Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

285 advisories

Loading
Cleartext Storage of Sensitive Information in Memory vulnerability in Gallagher Command Centre... Moderate Unreviewed
CVE-2021-23182 was published May 24, 2022
IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI displays user... Moderate Unreviewed
CVE-2021-29904 was published May 24, 2022
IBM Data Risk Manager 2.0.6 stores user credentials in plain clear text which can be read by an... Moderate Unreviewed
CVE-2021-38915 was published May 24, 2022
IBM Security Risk Manager on CP4S 1.7.0.0 stores user credentials in plain clear text which can... Moderate Unreviewed
CVE-2021-38911 was published May 24, 2022
A cleartext storage of sensitive information in GUI in FortiADC versions 5.4.3 and below, 6.0.0... Moderate Unreviewed
CVE-2020-15935 was published May 24, 2022
IBM Jazz Team Server products stores user credentials in clear text which can be read by an... Moderate Unreviewed
CVE-2021-29786 was published May 24, 2022
A unprotected storage of credentials in Fortinet FortiSIEM Windows Agent version 4.1.4 and below... Moderate Unreviewed
CVE-2021-41023 was published May 24, 2022
IBM MQ 7.5, 8.0, 9.0 LTS, 9.1 CD, and 9.1 LTS stores user credentials in plain clear text which... Moderate Unreviewed
CVE-2021-38949 was published May 24, 2022
A vulnerability of storing sensitive information insecurely in Property Settings prior to SMR Nov... Moderate Unreviewed
CVE-2021-25502 was published May 24, 2022
A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.12). The... Moderate Unreviewed
CVE-2020-10053 was published May 24, 2022
Secom Co. Dr.ID, a Door Access Control and Personnel Attendance Management system, stores users’... Moderate Unreviewed
CVE-2020-3935 was published May 24, 2022
"IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, 19.0.0.3, 20... Moderate Unreviewed
CVE-2022-35279 was published Nov 4, 2022
The vCenter Server contains an information disclosure vulnerability due to the logging of... Moderate Unreviewed
CVE-2022-31697 was published Dec 13, 2022
SanDisk Cruzer Enterprise USB flash drives use a fixed 256-bit key for obtaining access to the... Moderate Unreviewed
CVE-2010-0225 was published May 2, 2022
1Password for Mac 7.2.4 through 7.9.x before 7.9.3 is vulnerable to a process validation bypass.... Moderate Unreviewed
CVE-2022-29868 was published May 10, 2022
In a certain atypical IBM Spectrum Protect 7.1 and 8.1 configurations, the node password could be... Moderate Unreviewed
CVE-2018-1882 was published May 13, 2022
Dell Wyse Management Suite 3.6.1 and below contains a Sensitive Data Exposure vulnerability. A... Moderate Unreviewed
CVE-2022-29090 was published Aug 11, 2022
The SSL layer of the HTTPS service in Siemens RuggedCom ROS before 4.2.0 and ROX II does not... Moderate Unreviewed
CVE-2015-5537 was published May 13, 2022
Medtronic CareLink 2090 Programmer CareLink 9790 Programmer 29901 Encore Programmer, all versions... Moderate Unreviewed
CVE-2018-18984 was published May 13, 2022
Unencrypted storage of client side sessions Moderate
CVE-2021-29481 was published for io.ratpack:ratpack-session (Maven) Jul 1, 2021
JLLeitschuh
Data Leakage Attacks vulnerability in the web portal component when in an MDR pair in McAfee... Moderate Unreviewed
CVE-2019-3606 was published May 13, 2022
Information Disclosure vulnerability in McAfee DXL Platform and TIE Server in DXL prior to 5.0.1... Moderate Unreviewed
CVE-2019-3612 was published May 13, 2022
Instance config inline secret exposure in Grafana Moderate
CVE-2021-41090 was published for github.com/grafana/agent (Go) Dec 8, 2021
A pair of spare WiFi credentials is stored in the configuration file of the Zyxel AX7501-B0... Moderate Unreviewed
CVE-2022-45439 was published Jan 17, 2023
An issue was discovered in Solar-Log 500 before 2.8.2 Build 52 23.04.2013. In /export.html, email... Moderate Unreviewed
CVE-2021-34544 was published Dec 8, 2021
ProTip! Advisories are also available from the GraphQL API