GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
296 advisories
Filter by severity
An issue was discovered in PrimeKey EJBCA before 7.6.0. When audit logging changes to the alias...
Moderate
Unreviewed
CVE-2021-40087
was published
May 24, 2022
A user with permission to log on to the machine hosting the AXIS Device Manager client could...
Moderate
Unreviewed
CVE-2021-31989
was published
May 24, 2022
UCWeb UC 12.12.3.1219 through 12.12.3.1226 uses cleartext HTTP, and thus man-in-the-middle...
Moderate
Unreviewed
CVE-2020-36473
was published
May 24, 2022
The Portal Workflow module in Liferay Portal 7.3.2 and earlier, and Liferay DXP 7.0 before fix...
Moderate
Unreviewed
CVE-2021-33325
was published
May 24, 2022
The restricted shell provided by Akkadian Provisioning Manager Engine (PME) can be escaped by...
Moderate
Unreviewed
CVE-2021-31581
was published
May 24, 2022
IBM Security Verify Access Docker 10.0.0 stores user credentials in plain clear text which can be...
Moderate
Unreviewed
CVE-2021-20510
was published
May 24, 2022
In the xrdp package (in branches through 3.14) for Alpine Linux, RDP sessions are vulnerable to...
Moderate
Unreviewed
CVE-2021-36158
was published
May 24, 2022
OpenPGP secret keys that were imported using Thunderbird version 78.8.1 up to version 78.10.1...
Moderate
Unreviewed
CVE-2021-29956
was published
May 24, 2022
SafeNet KeySecure Management Console 8.12.0 is vulnerable to HTTP response splitting attacks. A...
Moderate
Unreviewed
CVE-2021-28979
was published
May 24, 2022
TP-Link's TL-WPA4220 4.0.2 Build 20180308 Rel.37064 does not use SSL by default. Attacker on the...
Moderate
Unreviewed
CVE-2021-28858
was published
May 24, 2022
ZOLL Defibrillator Dashboard, v prior to 2.2, The affected products contain credentials stored in...
Moderate
Unreviewed
CVE-2021-27487
was published
May 24, 2022
Cleartext Storage of Sensitive Information in Memory vulnerability in Gallagher Command Centre...
Moderate
Unreviewed
CVE-2021-23211
was published
May 24, 2022
Cleartext Storage of Sensitive Information in Memory vulnerability in Gallagher Command Centre...
Moderate
Unreviewed
CVE-2021-23182
was published
May 24, 2022
Brocade SANNav before version 2.1.1 contains an information disclosure vulnerability. Successful...
Moderate
Unreviewed
CVE-2020-15384
was published
May 24, 2022
The vulnerability could expose cleartext credentials from AVEVA InTouch Runtime 2020 R2 and all...
Moderate
Unreviewed
CVE-2021-32942
was published
May 24, 2022
KDE Messagelib through 5.17.0 reveals cleartext of encrypted messages in some situations....
Moderate
Unreviewed
CVE-2021-31855
was published
May 24, 2022
Some PON MDU devices of ZTE stored sensitive information in plaintext, and users with login...
Moderate
Unreviewed
CVE-2021-21734
was published
May 24, 2022
In Versa Director, the unencrypted backup files stored on the Versa deployment contain...
Moderate
Unreviewed
CVE-2018-16498
was published
May 24, 2022
IBM Security Identity Manager 7.0.2 stores user credentials in plain clear text which can be read...
Moderate
Unreviewed
CVE-2021-29683
was published
May 24, 2022
An issue was discovered in Couchbase Server before 6.0.5, 6.1.x through 6.5.x before 6.5.2, and 6...
Moderate
Unreviewed
CVE-2021-25645
was published
May 24, 2022
An issue has been discovered in GitLab affecting all versions starting from 11.6. Pull mirror...
Moderate
Unreviewed
CVE-2021-22206
was published
May 24, 2022
Dell EMC Unity, UnityVSA, and Unity XT versions prior to 5.0.7.0.5.008 contain a plain-text...
Moderate
Unreviewed
CVE-2021-21547
was published
May 24, 2022
Etherpad <1.8.3 stored passwords used by users insecurely in the database and in log files. This...
Moderate
Unreviewed
CVE-2020-22783
was published
May 24, 2022
Wowza Streaming Engine through 4.8.5 (in a default installation) has cleartext passwords stored...
Moderate
Unreviewed
CVE-2021-31539
was published
May 24, 2022
An internal product security audit of Lenovo XClarity Controller (XCC) discovered that the XCC...
Moderate
Unreviewed
CVE-2021-3473
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API