Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

45 advisories

Loading
ezplatform-graphql GraphQL queries can expose password hashes High
CVE-2022-41876 was published for ezsystems/ezplatform-graphql (Composer) Nov 10, 2022
tranca
Torguard VPN 4.8, has a vulnerability that allows an attacker to dump sensitive information, such... High Unreviewed
CVE-2022-37835 was published Sep 13, 2022
In Brocade SANnav before Brocade SANnav v2.2.0.2 and Brocade SANnav2.1.1.8, encoded scp-server... High Unreviewed
CVE-2022-28168 was published Jun 28, 2022
For ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6... High Unreviewed
CVE-2020-8481 was published May 24, 2022
A vulnerability involving insecure storage of sensitive information has been reported to affect... High Unreviewed
CVE-2021-28813 was published May 24, 2022
Certain NetModule devices have Insecure Password Handling (cleartext or reversible encryption),... High Unreviewed
CVE-2021-39289 was published May 24, 2022
Citrix Cloud Connector before 6.31.0.62192 suffers from insecure storage of sensitive information... High Unreviewed
CVE-2021-22914 was published May 24, 2022
In SolarWinds Serv-U before 15.2.2 Hotfix 1, there is a directory containing user profile files ... High Unreviewed
CVE-2021-25276 was published May 24, 2022
In JetBrains TeamCity before 2020.2, an ECR token could be exposed in a build's parameters. High Unreviewed
CVE-2021-25776 was published May 24, 2022
Sectona Spectra before 3.4.0 has a vulnerable SOAP API endpoint that leaks sensitive information... High Unreviewed
CVE-2020-25966 was published May 24, 2022
An issue was discovered in Gradle Enterprise 2017.1 - 2020.2.4. Unrestricted access to a high... High Unreviewed
CVE-2020-15775 was published May 24, 2022
The Android mobile application BlueCats Reveal before 3.0.19 stores the username and password in... High Unreviewed
CVE-2019-5626 was published May 24, 2022
The iOS mobile application BlueCats Reveal before 5.14 stores the username and password in the... High Unreviewed
CVE-2019-5627 was published May 24, 2022
Dahua IP Camera devices 3.200.0001.6 can be exploited via these steps: 1. Use the default low... High Unreviewed
CVE-2017-7253 was published May 13, 2022
Insecure password handling vulnerability in Strapi High
CVE-2021-46440 was published for @strapi/strapi (npm) May 4, 2022
In JetBrains TeamCity before 2021.2.3, environment variables of the "password" type could be... High Unreviewed
CVE-2022-25264 was published Feb 26, 2022
Insecure Storage of Sensitive Information in Microweber High
CVE-2022-0724 was published for microweber/microweber (Composer) Feb 24, 2022
The SyncThru Web Service on Samsung SCX-6x55X printers allows an attacker to gain access to a... High Unreviewed
CVE-2021-42913 was published Dec 21, 2021
Improper use of cryptographic key in wal-g High
CVE-2021-38599 was published for github.com/wal-g/wal-g (Go) Sep 2, 2021
Sensitive Data Exposure in miniorange_saml High
CVE-2021-36786 was published for miniorange/miniorange-saml (Composer) Sep 1, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database