Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,168
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
832
Swift
35
Unreviewed advisories
All unreviewed
5,000+

178 advisories

Loading
Remote code execution in Apache Tapestry Critical
CVE-2021-27850 was published for org.apache.tapestry:tapestry-core (Maven) Jun 16, 2021
Sensitive Data Exposure in miniorange_saml High
CVE-2021-36786 was published for miniorange/miniorange-saml (Composer) Sep 1, 2021
Improper use of cryptographic key in wal-g High
CVE-2021-38599 was published for github.com/wal-g/wal-g (Go) Sep 2, 2021
Insecure storage of device information in Contacts prior to version 12.7.05.24 allows attacker to... Low Unreviewed
CVE-2021-25524 was published Dec 9, 2021
Insecure storage of sensitive information vulnerability in Smart Capture prior to version 4.8.02... Low Unreviewed
CVE-2021-25522 was published Dec 9, 2021
Insecure storage of device information in Samsung Dialer prior to version 12.7.05.24 allows... Low Unreviewed
CVE-2021-25523 was published Dec 9, 2021
The SyncThru Web Service on Samsung SCX-6x55X printers allows an attacker to gain access to a... High Unreviewed
CVE-2021-42913 was published Dec 21, 2021
An issue existed in the storage of sensitive tokens. This issue was addressed by placing the... Moderate Unreviewed
CVE-2017-13909 was published Dec 24, 2021
A insecure storage of sensitive information vulnerability exists in Ivanti Workspace Control ... Moderate Unreviewed
CVE-2022-21823 was published Jan 11, 2022
Authentication bypass in Apache Kylin Moderate
CVE-2020-13937 was published for org.apache.kylin:kylin (Maven) Feb 10, 2022
Insecure Storage of Sensitive Information in Microweber High
CVE-2022-0724 was published for microweber/microweber (Composer) Feb 24, 2022
In JetBrains TeamCity before 2021.2.3, environment variables of the "password" type could be... High Unreviewed
CVE-2022-25264 was published Feb 26, 2022
Insecure Storage of Sensitive Information in GitHub repository chocobozzz/peertube prior to 4.1.1. Moderate Unreviewed
CVE-2022-0881 was published Mar 10, 2022
Spoofing attack in swagger-ui Moderate
CVE-2018-25031 was published for swagger-ui (npm) Mar 12, 2022
Philips Gemini PET/CT family software stores sensitive information in a removable media device... Low Unreviewed
CVE-2021-27456 was published Mar 24, 2022
Insecure storage of sensitive information vulnerability in MA for Linux, macOS, and Windows prior... Moderate Unreviewed
CVE-2022-1257 was published Apr 15, 2022
An insecure data storage vulnerability allows a physical attacker with root privileges to... Low Unreviewed
CVE-2021-25266 was published Apr 28, 2022
Insecure password handling vulnerability in Strapi High
CVE-2021-46440 was published for @strapi/strapi (npm) May 4, 2022
Sensitive Data Exposure Due To Insecure Storage Of Profile Image in GitHub repository polonel... Moderate Unreviewed
CVE-2022-1044 was published May 13, 2022
An information disclosure vulnerability in File-Based Encryption could enable a local malicious... Moderate Unreviewed
CVE-2017-0493 was published May 13, 2022
SanDisk Secure Access 3.01 vault decrypts and copies encrypted files to a temporary folder, where... Moderate Unreviewed
CVE-2017-16560 was published May 13, 2022
USB Pratirodh is prone to sensitive information disclosure. It stores sensitive information such... Moderate Unreviewed
CVE-2017-6911 was published May 13, 2022
Dahua IP Camera devices 3.200.0001.6 can be exploited via these steps: 1. Use the default low... High Unreviewed
CVE-2017-7253 was published May 13, 2022
SUSE Manager until version 4.0.7 and Uyuni until commit 1b426ad5ed0a7191a6fb46bb83e98ae4b99a5ade... Moderate Unreviewed
CVE-2019-3684 was published May 24, 2022
The iOS mobile application BlueCats Reveal before 5.14 stores the username and password in the... High Unreviewed
CVE-2019-5627 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database