Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+

68 advisories

Loading
An information disclosure vulnerability exists when attaching files to Outlook messages, aka ... Moderate Unreviewed
CVE-2020-1493 was published May 24, 2022
Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote... Moderate Unreviewed
CVE-2019-13719 was published May 24, 2022
Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote... Moderate Unreviewed
CVE-2019-13717 was published May 24, 2022
IBM Security Directory Server 6.4.0 discloses sensitive information to unauthorized users. The... Moderate Unreviewed
CVE-2019-4549 was published May 24, 2022
The JetBrains Vim plugin before version 0.52 was storing individual project data in the global... Moderate Unreviewed
CVE-2019-14957 was published May 24, 2022
In KeyStore, there is a possible storage of symmetric keys in the TEE instead of the strongbox... Moderate Unreviewed
CVE-2019-9253 was published May 24, 2022
An insecure storage of sensitive information vulnerability is present in Hickory Smart for iOS... Moderate Unreviewed
CVE-2019-5633 was published May 24, 2022
SUSE Manager until version 4.0.7 and Uyuni until commit 1b426ad5ed0a7191a6fb46bb83e98ae4b99a5ade... Moderate Unreviewed
CVE-2019-3684 was published May 24, 2022
USB Pratirodh is prone to sensitive information disclosure. It stores sensitive information such... Moderate Unreviewed
CVE-2017-6911 was published May 13, 2022
SanDisk Secure Access 3.01 vault decrypts and copies encrypted files to a temporary folder, where... Moderate Unreviewed
CVE-2017-16560 was published May 13, 2022
An information disclosure vulnerability in File-Based Encryption could enable a local malicious... Moderate Unreviewed
CVE-2017-0493 was published May 13, 2022
Sensitive Data Exposure Due To Insecure Storage Of Profile Image in GitHub repository polonel... Moderate Unreviewed
CVE-2022-1044 was published May 13, 2022
Insecure storage of sensitive information vulnerability in MA for Linux, macOS, and Windows prior... Moderate Unreviewed
CVE-2022-1257 was published Apr 15, 2022
Spoofing attack in swagger-ui Moderate
CVE-2018-25031 was published for swagger-ui (npm) Mar 12, 2022
Insecure Storage of Sensitive Information in GitHub repository chocobozzz/peertube prior to 4.1.1. Moderate Unreviewed
CVE-2022-0881 was published Mar 10, 2022
Authentication bypass in Apache Kylin Moderate
CVE-2020-13937 was published for org.apache.kylin:kylin (Maven) Feb 10, 2022
A insecure storage of sensitive information vulnerability exists in Ivanti Workspace Control ... Moderate Unreviewed
CVE-2022-21823 was published Jan 11, 2022
An issue existed in the storage of sensitive tokens. This issue was addressed by placing the... Moderate Unreviewed
CVE-2017-13909 was published Dec 24, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database