GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
253 advisories
Filter by severity
An internal product security audit of Lenovo XClarity Controller (XCC) discovered that the XCC...
Moderate
Unreviewed
CVE-2021-3473
was published
May 24, 2022
Sensitive smart card data is logged in default INFO logs by Teradici's PCoIP Connection Manager...
Moderate
Unreviewed
CVE-2021-25692
was published
May 24, 2022
Cleartext Storage in a File or on Disk in TimelyBills <= 1.7.0 for iOS and versions <= 1.21.115...
Moderate
Unreviewed
CVE-2021-26833
was published
May 24, 2022
An issue was discovered in WiZ Colors A60 1.14.0. Wi-Fi credentials are stored in cleartext in...
Moderate
Unreviewed
CVE-2020-11924
was published
May 24, 2022
An issue was discovered in WiZ Colors A60 1.14.0. API credentials are locally logged.
Moderate
Unreviewed
CVE-2020-11923
was published
May 24, 2022
A security vulnerability in HPE Unified Data Management (UDM) could allow the local disclosure of...
Moderate
Unreviewed
CVE-2021-26579
was published
May 24, 2022
IBM UrbanCode Deploy (UCD) 6.2.7.9, 7.0.5.4, and 7.1.1.1 stores user credentials in plain in...
Moderate
Unreviewed
CVE-2020-4884
was published
May 24, 2022
IBM UrbanCode Deploy (UCD) 7.0.3.0, 7.0.4.0, 7.0.5.3, 7.0.5.4, 7.1.0.0, 7.1.1.0, 7.1.1.1, and 7.1...
Moderate
Unreviewed
CVE-2020-4944
was published
May 24, 2022
In all versions of GitLab starting from 13.7, marshalled session keys were being stored in Redis.
Moderate
Unreviewed
CVE-2021-22194
was published
May 24, 2022
** UNSUPPORTED WHEN ASSIGNED ** In Directus 8.x through 8.8.1, an attacker can learn sensitive...
Moderate
Unreviewed
CVE-2021-26595
was published
May 24, 2022
** DISPUTED ** Genymotion Desktop through 3.2.0 leaks the host's clipboard data to the Android...
Moderate
Unreviewed
CVE-2021-27549
was published
May 24, 2022
The ownCloud application before 2.15 for Android allows attackers to use adb to include a PIN...
Moderate
Unreviewed
CVE-2020-36248
was published
May 24, 2022
Debug message containing addresses of memory transactions in some Intel(R) 10th Generation Core...
Moderate
Unreviewed
CVE-2020-24491
was published
May 24, 2022
An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. On the admin portal of the web...
Moderate
Unreviewed
CVE-2021-27233
was published
May 24, 2022
Telegram before 7.4 (212543) Stable on macOS stores the local copy of self-destructed messages in...
Moderate
Unreviewed
CVE-2021-27205
was published
May 24, 2022
TP-Link Archer C5v 1.7_181221 devices allows remote attackers to retrieve cleartext credentials...
Moderate
Unreviewed
CVE-2021-27210
was published
May 24, 2022
Telegram before 7.4 (212543) Stable on macOS stores the local passcode in cleartext, leading to...
Moderate
Unreviewed
CVE-2021-27204
was published
May 24, 2022
IBM Security Verify Information Queue 1.0.6 and 1.0.7 sends user credentials in plain clear text...
Moderate
Unreviewed
CVE-2021-20410
was published
May 24, 2022
IBM Security Verify Information Queue 1.0.6 and 1.0.7 could disclose highly sensitive information...
Moderate
Unreviewed
CVE-2021-20408
was published
May 24, 2022
Clear text storage of sensitive Information in memory vulnerability in McAfee Endpoint Security ...
Moderate
Unreviewed
CVE-2021-23878
was published
May 24, 2022
An issue was discovered in SmartFoxServer 2.17.0. Cleartext password disclosure can occur via ...
Moderate
Unreviewed
CVE-2021-26550
was published
May 24, 2022
IBM Cloud Pak for Automation 20.0.3, 20.0.2-IF002 stores potentially sensitive information in...
Moderate
Unreviewed
CVE-2021-20358
was published
May 24, 2022
There is an information leak vulnerability in eCNS280_TD versions V100R005C00 and V100R005C10. A...
Moderate
Unreviewed
CVE-2021-22300
was published
May 24, 2022
IBM Security Guardium 11.2 discloses sensitive information in the response headers that could be...
Moderate
Unreviewed
CVE-2020-4189
was published
May 24, 2022
A vulnerability in the configuration archive functionality of Cisco DNA Center could allow any...
Moderate
Unreviewed
CVE-2021-1265
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API