Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,768
Erlang
35
GitHub Actions
29
Go
2,332
Maven
5,000+
npm
3,965
NuGet
713
pip
3,748
Pub
12
RubyGems
921
Rust
975
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

382 advisories

Loading
In Zoho ManageEngine Password Manager Pro before 11.1 build 11104, attackers are able to retrieve... Moderate Unreviewed
CVE-2021-31857 was published May 24, 2022
A vulnerability in the installer software of Cisco ThousandEyes Recorder could allow an... Moderate Unreviewed
CVE-2021-1537 was published May 24, 2022
A flaw was found in Red Hat Quay, where it does not properly protect the authorization token when... Moderate Unreviewed
CVE-2020-27831 was published May 24, 2022
The Tableau integration in RSA Archer 6.4 P1 (6.4.0.1) through 6.9 P2 (6.9.0.2) is affected by an... Moderate Unreviewed
CVE-2021-29253 was published May 24, 2022
In Versa Director, Versa Analytics and VOS, Passwords are not hashed using an adaptive... Moderate Unreviewed
CVE-2019-25030 was published May 24, 2022
A remote disclosure of privileged information vulnerability was discovered in Aruba ClearPass... Moderate Unreviewed
CVE-2021-29138 was published May 24, 2022
Cloud Controller API versions prior to 1.106.0 logs service broker credentials if the default... Moderate Unreviewed
CVE-2021-22115 was published May 24, 2022
A flaw was found in atomic-openshift of openshift-4.2 where the basic-user RABC role in OpenShift... Moderate Unreviewed
CVE-2019-10225 was published May 24, 2022
The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to obtain... Moderate Unreviewed
CVE-2020-35454 was published May 24, 2022
PFX Encryption Security Feature Bypass Vulnerability Moderate Unreviewed
CVE-2021-1731 was published May 24, 2022
IBM Maximo for Civil Infrastructure 7.6.2 could allow a user to obtain sensitive information due... Moderate Unreviewed
CVE-2021-20445 was published May 24, 2022
A flaw was found in the GNOME Control Center in Red Hat Enterprise Linux 8 versions prior to 8.2,... Moderate Unreviewed
CVE-2020-14391 was published May 24, 2022
1Password SCIM Bridge before 1.6.2 mishandles validation of requests for log files. Moderate Unreviewed
CVE-2021-26905 was published May 24, 2022
An issue was discovered in Epikur before 20.1.1. It stores the secret passwords of the users as... Moderate Unreviewed
CVE-2020-10538 was published May 24, 2022
An issue was discovered in New Media Smarty before 9.10. Passwords are stored in the database in... Moderate Unreviewed
CVE-2020-10375 was published May 24, 2022
Within the Open-AudIT up to version 3.5.3 application, the web interface hides SSH secrets,... Moderate Unreviewed
CVE-2021-3130 was published May 24, 2022
SOOIL Developments CoLtd DiabecareRS, AnyDana-i ,AnyDana-A, communication protocol of the insulin... Moderate Unreviewed
CVE-2020-27270 was published May 24, 2022
The My AIA SG application 1.2.6 for Android allows attackers to obtain user credentials via... Moderate Unreviewed
CVE-2020-29598 was published May 24, 2022
The Junos Space Network Management Platform has been found to store shared secrets in a... Moderate Unreviewed
CVE-2021-0220 was published May 24, 2022
An Information Exposure vulnerability in Juniper Networks Contrail Networking allows a locally... Moderate Unreviewed
CVE-2021-0212 was published May 24, 2022
A vulnerability in the storage of proxy server credentials of Cisco Firepower Management Center ... Moderate Unreviewed
CVE-2021-1126 was published May 24, 2022
IBM Security Guardium Insights 2.0.2 stores user credentials in plain in clear text which can be... Moderate Unreviewed
CVE-2020-4602 was published May 24, 2022
SAP GUI for Windows, version - 7.60, allows an attacker to spoof logon credentials for... Moderate Unreviewed
CVE-2021-21448 was published May 24, 2022
A vulnerability has been identified in Opcenter Execution Core (V8.2), Opcenter Execution Core ... Moderate Unreviewed
CVE-2020-28390 was published May 24, 2022
IBM Cloud Pak System 2.3 could reveal credential information in the HTTP response to a local... Moderate Unreviewed
CVE-2020-4913 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database