GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,014
Maven
5,000+
npm
3,721
NuGet
662
pip
3,393
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+
115 advisories
Filter by severity
An issue existed in the storage of sensitive tokens. This issue was addressed by placing the...
Moderate
Unreviewed
CVE-2017-13909
was published
Dec 24, 2021
A insecure storage of sensitive information vulnerability exists in Ivanti Workspace Control ...
Moderate
Unreviewed
CVE-2022-21823
was published
Jan 11, 2022
Authentication bypass in Apache Kylin
Moderate
CVE-2020-13937
was published
for
org.apache.kylin:kylin
(Maven)
Feb 10, 2022
Insecure Storage of Sensitive Information in GitHub repository chocobozzz/peertube prior to 4.1.1.
Moderate
Unreviewed
CVE-2022-0881
was published
Mar 10, 2022
Spoofing attack in swagger-ui
Moderate
CVE-2018-25031
was published
for
swagger-ui
(npm)
Mar 12, 2022
Insecure storage of sensitive information vulnerability in MA for Linux, macOS, and Windows prior...
Moderate
Unreviewed
CVE-2022-1257
was published
Apr 15, 2022
Sensitive Data Exposure Due To Insecure Storage Of Profile Image in GitHub repository polonel...
Moderate
Unreviewed
CVE-2022-1044
was published
May 13, 2022
An information disclosure vulnerability in File-Based Encryption could enable a local malicious...
Moderate
Unreviewed
CVE-2017-0493
was published
May 13, 2022
SanDisk Secure Access 3.01 vault decrypts and copies encrypted files to a temporary folder, where...
Moderate
Unreviewed
CVE-2017-16560
was published
May 13, 2022
USB Pratirodh is prone to sensitive information disclosure. It stores sensitive information such...
Moderate
Unreviewed
CVE-2017-6911
was published
May 13, 2022
SUSE Manager until version 4.0.7 and Uyuni until commit 1b426ad5ed0a7191a6fb46bb83e98ae4b99a5ade...
Moderate
Unreviewed
CVE-2019-3684
was published
May 24, 2022
An insecure storage of sensitive information vulnerability is present in Hickory Smart for iOS...
Moderate
Unreviewed
CVE-2019-5633
was published
May 24, 2022
In KeyStore, there is a possible storage of symmetric keys in the TEE instead of the strongbox...
Moderate
Unreviewed
CVE-2019-9253
was published
May 24, 2022
The JetBrains Vim plugin before version 0.52 was storing individual project data in the global...
Moderate
Unreviewed
CVE-2019-14957
was published
May 24, 2022
IBM Security Directory Server 6.4.0 discloses sensitive information to unauthorized users. The...
Moderate
Unreviewed
CVE-2019-4549
was published
May 24, 2022
Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote...
Moderate
Unreviewed
CVE-2019-13719
was published
May 24, 2022
Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote...
Moderate
Unreviewed
CVE-2019-13717
was published
May 24, 2022
An information disclosure vulnerability exists when attaching files to Outlook messages, aka ...
Moderate
Unreviewed
CVE-2020-1493
was published
May 24, 2022
IBM Security Guardium Insights 2.0.1 stores sensitive information in URL parameters. This may...
Moderate
Unreviewed
CVE-2020-4172
was published
May 24, 2022
This issue was addresses by updating incorrect URLSession file descriptors management logic to...
Moderate
Unreviewed
CVE-2019-8790
was published
May 24, 2022
An information disclosure issue existed in the handling of the Storage Access API. This issue was...
Moderate
Unreviewed
CVE-2019-8898
was published
May 24, 2022
NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contains a...
Moderate
Unreviewed
CVE-2020-11484
was published
May 24, 2022
An authentication bypass in the debug interface in Mercedes-Benz HERMES 1.5 allows an attacker...
Moderate
Unreviewed
CVE-2019-19560
was published
May 24, 2022
An authentication bypass in the debug interface in Mercedes-Benz HERMES 2.1 allows an attacker...
Moderate
Unreviewed
CVE-2019-19562
was published
May 24, 2022
Slurm before 19.05.8 and 20.x before 20.02.6 exposes Sensitive Information to an Unauthorized...
Moderate
Unreviewed
CVE-2020-27746
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API