Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

253 advisories

Loading
An internal product security audit of Lenovo XClarity Controller (XCC) discovered that the XCC... Moderate Unreviewed
CVE-2021-3473 was published May 24, 2022
Sensitive smart card data is logged in default INFO logs by Teradici's PCoIP Connection Manager... Moderate Unreviewed
CVE-2021-25692 was published May 24, 2022
Cleartext Storage in a File or on Disk in TimelyBills <= 1.7.0 for iOS and versions <= 1.21.115... Moderate Unreviewed
CVE-2021-26833 was published May 24, 2022
An issue was discovered in WiZ Colors A60 1.14.0. Wi-Fi credentials are stored in cleartext in... Moderate Unreviewed
CVE-2020-11924 was published May 24, 2022
An issue was discovered in WiZ Colors A60 1.14.0. API credentials are locally logged. Moderate Unreviewed
CVE-2020-11923 was published May 24, 2022
A security vulnerability in HPE Unified Data Management (UDM) could allow the local disclosure of... Moderate Unreviewed
CVE-2021-26579 was published May 24, 2022
IBM UrbanCode Deploy (UCD) 6.2.7.9, 7.0.5.4, and 7.1.1.1 stores user credentials in plain in... Moderate Unreviewed
CVE-2020-4884 was published May 24, 2022
IBM UrbanCode Deploy (UCD) 7.0.3.0, 7.0.4.0, 7.0.5.3, 7.0.5.4, 7.1.0.0, 7.1.1.0, 7.1.1.1, and 7.1... Moderate Unreviewed
CVE-2020-4944 was published May 24, 2022
In all versions of GitLab starting from 13.7, marshalled session keys were being stored in Redis. Moderate Unreviewed
CVE-2021-22194 was published May 24, 2022
** UNSUPPORTED WHEN ASSIGNED ** In Directus 8.x through 8.8.1, an attacker can learn sensitive... Moderate Unreviewed
CVE-2021-26595 was published May 24, 2022
** DISPUTED ** Genymotion Desktop through 3.2.0 leaks the host's clipboard data to the Android... Moderate Unreviewed
CVE-2021-27549 was published May 24, 2022
The ownCloud application before 2.15 for Android allows attackers to use adb to include a PIN... Moderate Unreviewed
CVE-2020-36248 was published May 24, 2022
Debug message containing addresses of memory transactions in some Intel(R) 10th Generation Core... Moderate Unreviewed
CVE-2020-24491 was published May 24, 2022
An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. On the admin portal of the web... Moderate Unreviewed
CVE-2021-27233 was published May 24, 2022
Telegram before 7.4 (212543) Stable on macOS stores the local copy of self-destructed messages in... Moderate Unreviewed
CVE-2021-27205 was published May 24, 2022
TP-Link Archer C5v 1.7_181221 devices allows remote attackers to retrieve cleartext credentials... Moderate Unreviewed
CVE-2021-27210 was published May 24, 2022
Telegram before 7.4 (212543) Stable on macOS stores the local passcode in cleartext, leading to... Moderate Unreviewed
CVE-2021-27204 was published May 24, 2022
IBM Security Verify Information Queue 1.0.6 and 1.0.7 sends user credentials in plain clear text... Moderate Unreviewed
CVE-2021-20410 was published May 24, 2022
IBM Security Verify Information Queue 1.0.6 and 1.0.7 could disclose highly sensitive information... Moderate Unreviewed
CVE-2021-20408 was published May 24, 2022
Clear text storage of sensitive Information in memory vulnerability in McAfee Endpoint Security ... Moderate Unreviewed
CVE-2021-23878 was published May 24, 2022
An issue was discovered in SmartFoxServer 2.17.0. Cleartext password disclosure can occur via ... Moderate Unreviewed
CVE-2021-26550 was published May 24, 2022
IBM Cloud Pak for Automation 20.0.3, 20.0.2-IF002 stores potentially sensitive information in... Moderate Unreviewed
CVE-2021-20358 was published May 24, 2022
There is an information leak vulnerability in eCNS280_TD versions V100R005C00 and V100R005C10. A... Moderate Unreviewed
CVE-2021-22300 was published May 24, 2022
IBM Security Guardium 11.2 discloses sensitive information in the response headers that could be... Moderate Unreviewed
CVE-2020-4189 was published May 24, 2022
A vulnerability in the configuration archive functionality of Cisco DNA Center could allow any... Moderate Unreviewed
CVE-2021-1265 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database