GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,730
Composer 5,030
Erlang 39
GitHub Actions 38
Go 2,670
Maven 6,116
npm 4,296
NuGet 760
pip 4,075
Pub 12
RubyGems 957
Rust 1,058
Swift 45

Unreviewed advisories

All unreviewed 277,922

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

300 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

In cPanel before 96.0.8, weak permissions on web stats can lead to information disclosure (SEC-584). Moderate Unreviewed

CVE-2021-38590 was published May 24, 2022

An issue was discovered in the CentralAuth extension in MediaWiki through 1.36. The Special... Moderate Unreviewed

CVE-2021-36127 was published May 24, 2022

An insecure data storage vulnerability allows a physical attacker with root privileges to... Low Unreviewed

CVE-2021-25266 was published Apr 28, 2022

IBM QRadar Analyst Workflow App 1.0 through 1.18.0 for IBM QRadar SIEM allows web pages to be... Low Unreviewed

CVE-2021-20396 was published May 24, 2022

Information Exposure vulnerability in SmartThings prior to version 1.7.64.21 allows attacker to... Low Unreviewed

CVE-2021-25404 was published May 24, 2022

IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 allows web pages to be stored locally... Low Unreviewed

CVE-2021-20391 was published May 24, 2022

Citrix Cloud Connector before 6.31.0.62192 suffers from insecure storage of sensitive information... High Unreviewed

CVE-2021-22914 was published May 24, 2022

Information Exposure vulnerability in Samsung Notes prior to version 4.2.04.27 allows attacker to... Low Unreviewed

CVE-2021-25402 was published May 24, 2022

IBM Security Verify Access 20.07 allows web pages to be stored locally which can be read by... Low Unreviewed

CVE-2021-20575 was published May 24, 2022

IBM Cloud Pak for Multicloud Management prior to 2.3 allows web pages to be stored locally which... Low Unreviewed

CVE-2020-4765 was published May 24, 2022

Insecure storage of sensitive information has been reported to affect QNAP NAS running... Moderate Unreviewed

CVE-2021-28815 was published May 24, 2022

IBM DataPower Gateway 10.0.0.0 through 10.0.1.0 and 2018.4.1.0 through 2018.4.1.14 stores... Moderate Unreviewed

CVE-2020-5008 was published May 24, 2022

Incorrect Access Control in Nagios Fusion 4.1.8 and earlier allows low-privileged authenticated... Moderate Unreviewed

CVE-2020-28911 was published May 24, 2022

There is an information disclosure vulnerability in TE Mobile software versions V600R006C10... Moderate Unreviewed

CVE-2020-9202 was published May 24, 2022

The iOS and macOS apps before 1.4.1 for the Western Digital G-Technology ArmorLock NVMe SSD store... Moderate Unreviewed

CVE-2021-28653 was published May 24, 2022

An issue was discovered on FiberHome HG6245D devices through RP2613. By default, there are no... Critical Unreviewed

CVE-2021-27170 was published May 24, 2022

The IBM Application Performance Monitoring UI (IBM Cloud APM 8.1.4) allows web pages to be stored... Low Unreviewed

CVE-2020-4726 was published May 24, 2022

Slurm before 19.05.8 and 20.x before 20.02.6 exposes Sensitive Information to an Unauthorized... Moderate Unreviewed

CVE-2020-27746 was published May 24, 2022

A misconfiguration in the debug interface in Mercedes-Benz HERMES 1 allows an attacker with... Low Unreviewed

CVE-2019-19557 was published May 24, 2022

An authentication bypass in the debug interface in Mercedes-Benz HERMES 1.5 allows an attacker... Moderate Unreviewed

CVE-2019-19560 was published May 24, 2022

IBM Workload Automation 9.5 stores the server path in URLs that could aid in further attacks... Moderate Unreviewed

CVE-2020-4674 was published May 24, 2022

IBM Workload Automation 9.5 stores sensitive information in HTML comments that could aid in... Moderate Unreviewed

CVE-2020-4673 was published May 24, 2022

In JetBrains TeamCity before 2020.2, an ECR token could be exposed in a build's parameters. High Unreviewed

CVE-2021-25776 was published May 24, 2022

An issue was discovered in tangro Business Workflow before 1.18.1. No (or broken) access control... Moderate Unreviewed

CVE-2020-26176 was published May 24, 2022

IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 allows web pages to... Low Unreviewed

CVE-2020-4906 was published May 24, 2022

Previous 1…1112 Next

Previous 1 2 … 8 9 10 11 12 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

300 advisories