GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
139 advisories
IBM QRadar Analyst Workflow App 1.0 through 1.18.0 for IBM QRadar SIEM allows web pages to be...
Low | Unreviewed | CVE-2021-20396 was published May 24, 2022

An insecure data storage vulnerability allows a physical attacker with root privileges to...
Low | Unreviewed | CVE-2021-25266 was published Apr 28, 2022

An issue was discovered in the CentralAuth extension in MediaWiki through 1.36. The Special...
Moderate | Unreviewed | CVE-2021-36127 was published May 24, 2022

In cPanel before 96.0.8, weak permissions on web stats can lead to information disclosure (SEC-584).
Moderate | Unreviewed | CVE-2021-38590 was published May 24, 2022

In multiple functions of libl3oemcrypto.cpp, there is a possible weakness in the existing...
Moderate | Unreviewed | CVE-2021-0639 was published May 24, 2022

A vulnerability involving insecure storage of sensitive information has been reported to affect...
High | Unreviewed | CVE-2021-28813 was published May 24, 2022

IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the...
Low | Unreviewed | CVE-2020-4809 was published May 24, 2022

IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the...
Low | Unreviewed | CVE-2020-4803 was published May 24, 2022

IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the...
Low | Unreviewed | CVE-2020-4805 was published May 24, 2022

lpar2rrd is a hardcoded system account in XoruX LPAR2RRD and STOR2RRD before 7.30.
Critical | Unreviewed | CVE-2021-42371 was published May 24, 2022

For ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6...
High | Unreviewed | CVE-2020-8481 was published May 24, 2022

ezplatform-graphql GraphQL queries can expose password hashes
High | CVE-2022-41876 was published for ezsystems/ezplatform-graphql (Composer) Nov 10, 2022

Insecure password handling vulnerability in Strapi
High | CVE-2021-46440 was published for @strapi/strapi (npm) May 4, 2022

Sensitive Data Exposure Due To Insecure Storage Of Profile Image in GitHub repository polonel...
Moderate | Unreviewed | CVE-2022-1044 was published May 13, 2022

IBM Security Directory Server 6.4.0 discloses sensitive information to unauthorized users. The...
Moderate | Unreviewed | CVE-2019-4549 was published May 24, 2022

Remote code execution in Apache Tapestry
Critical | CVE-2021-27850 was published for org.apache.tapestry:tapestry-core (Maven) Jun 16, 2021

Authentication bypass in Apache Kylin
Moderate | CVE-2020-13937 was published for org.apache.kylin:kylin (Maven) Feb 10, 2022

Sensitive Data Exposure in miniorange_saml
High | CVE-2021-36786 was published for miniorange/miniorange-saml (Composer) Sep 1, 2021

Improper use of cryptographic key in wal-g
High | CVE-2021-38599 was published for github.com/wal-g/wal-g (Go) Sep 2, 2021

Insecure storage of device information in Samsung Dialer prior to version 12.7.05.24 allows...
Low | Unreviewed | CVE-2021-25523 was published Dec 9, 2021

Insecure storage of device information in Contacts prior to version 12.7.05.24 allows attacker to...
Low | Unreviewed | CVE-2021-25524 was published Dec 9, 2021

Insecure storage of sensitive information vulnerability in Smart Capture prior to version 4.8.02...
Low | Unreviewed | CVE-2021-25522 was published Dec 9, 2021

An information disclosure vulnerability in File-Based Encryption could enable a local malicious...
Moderate | Unreviewed | CVE-2017-0493 was published May 13, 2022

SanDisk Secure Access 3.01 vault decrypts and copies encrypted files to a temporary folder, where...
Moderate | Unreviewed | CVE-2017-16560 was published May 13, 2022

USB Pratirodh is prone to sensitive information disclosure. It stores sensitive information such...
Moderate | Unreviewed | CVE-2017-6911 was published May 13, 2022