Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,299
Erlang
31
GitHub Actions
21
Go
2,064
Maven
5,000+
npm
3,744
NuGet
668
pip
3,424
Pub
12
RubyGems
892
Rust
877
Swift
36
Unreviewed advisories
All unreviewed
5,000+

177 advisories

Loading
In moveInMediaStore of FileSystemProvider.java, there is a possible file exposure due to stale... High Unreviewed
CVE-2021-0337 was published May 24, 2022
An issue was discovered on Geeni GNC-CW028 Camera 2.7.2, Geeni GNC-CW025 Doorbell 2.9.5, Merkury... High Unreviewed
CVE-2020-29001 was published May 24, 2022
In Marvell QConvergeConsole GUI <= 5.5.0.74, credentials are stored in cleartext in tomcat-users... High Unreviewed
CVE-2020-5805 was published May 24, 2022
IBM Spectrum Protect Plus 10.1.0 through 10.1.6 may include sensitive information in its URLs... High Unreviewed
CVE-2020-5018 was published May 24, 2022
An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55.... High Unreviewed
CVE-2020-24577 was published May 24, 2022
A vulnerability has been reported to affect QNAP NAS. If exploited, this vulnerability allows an... High Unreviewed
CVE-2018-19941 was published May 24, 2022
An issue was discovered in URVE Build 24.03.2020. The password of an integration user account ... High Unreviewed
CVE-2020-29550 was published May 24, 2022
Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an... High Unreviewed
CVE-2020-29583 was published May 24, 2022
An issue was discovered in Aviatrix Controller before R5.3.1151. Encrypted key values are stored... High Unreviewed
CVE-2020-26551 was published May 24, 2022
The installation procedure in BigBlueButton before 2.2.28 (or earlier) uses ClueCon as the... High Unreviewed
CVE-2020-27613 was published May 24, 2022
A cleartext storage of sensitive information in Nextcloud Desktop Client 2.6.4 gave away... High Unreviewed
CVE-2020-8225 was published May 24, 2022
MiR controllers across firmware versions 2.8.1.1 and before do not encrypt or protect in any way... High Unreviewed
CVE-2020-10273 was published May 24, 2022
D-Link DIR-865L Ax 1.20B01 Beta devices have Cleartext Storage of Sensitive Information. High Unreviewed
CVE-2020-13783 was published May 24, 2022
Grafana information disclosure High
CVE-2020-12458 was published for github.com/grafana/grafana (Go) May 24, 2022
Universal Robots control box CB 3.1 across firmware versions (tested on 1.12.1, 1.12, 1.11 and 1... High Unreviewed
CVE-2020-10267 was published May 24, 2022
An attacker with low privilege could retrieve usernames and passwords credentials from the new... High Unreviewed
CVE-2019-14890 was published May 24, 2022
Jenkins Delphix Plugin vulnerable to Cleartext credential storage High
CVE-2019-10453 was published for org.jenkins-ci.plugins:delphix (Maven) May 24, 2022
Jenkins iceScrum Plugin stores credentials in Cleartext High
CVE-2019-10443 was published for org.jenkins-ci.plugins:icescrum (Maven) May 24, 2022
Cleartext Storage of Sensitive Information in Jenkins Extensive Testing Plugin High
CVE-2019-10448 was published for jenkins.xtc:extensivetesting (Maven) May 24, 2022
Jenkins NeoLoad Plugin stores credentials in cleartext High
CVE-2019-10440 was published for org.jenkins-ci.plugins:neoload-jenkins-plugin (Maven) May 24, 2022
Dell ImageAssist versions prior to 8.7.15 contain an information disclosure vulnerability. Dell... High Unreviewed
CVE-2019-3767 was published May 24, 2022
A security vulnerability exists in Zingbox Inspector versions 1.294 and earlier, that results in... High Unreviewed
CVE-2019-15023 was published May 24, 2022
Plaintext Storage of Sensitive Information in Laravel Log Viewer before v0.13.0 High
CVE-2018-8947 was published for rap2hpoutre/laravel-log-viewer (Composer) May 13, 2022
In Lenovo xClarity Administrator versions earlier than 2.1.0, an attacker that gains access to... High Unreviewed
CVE-2018-9065 was published May 13, 2022
The "Photo,Video Locker-Calculator" application 12.0 for Android has android:allowBackup="true"... High Unreviewed
CVE-2017-16835 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database