GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
253 advisories
If a user saved passwords before Thunderbird 60 and then later set a master password, an...
Moderate | Unreviewed | CVE-2020-6794 was published May 24, 2022

IBL Online Weather before 4.3.5a allows attackers to obtain sensitive information by reading the...
Moderate | Unreviewed | CVE-2020-9407 was published May 24, 2022

Moxa ioLogik 2542-HSPA Series Controllers and IOs, and IOxpress Configuration Utility ioLogik...
Moderate | Unreviewed | CVE-2019-18238 was published May 24, 2022

A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR...
Moderate | Unreviewed | CVE-2019-13947 was published May 24, 2022

In Bitcoin Core 0.18.0, bitcoin-qt stores wallet.dat data unencrypted in memory. Upon a crash, it...
Moderate | Unreviewed | CVE-2019-15947 was published May 24, 2022

Dell EMC PowerConnect 8024, 7000, M6348, M6220, M8024 and M8024-K running firmware versions prior...
Moderate | Unreviewed | CVE-2019-3753 was published May 24, 2022

Information leak in autofill in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to...
Moderate | Unreviewed | CVE-2019-5810 was published May 24, 2022

IBM Maximo Asset Management 7.6 could allow an authenticated user to replace a target page with...
Moderate | Unreviewed | CVE-2018-2028 was published May 24, 2022

iBall Baton iB-WRB302N20122017 devices have improper access control over the UART interface,...
Moderate | Unreviewed | CVE-2018-20008 was published May 24, 2022

IBM Spectrum Protect Operations Center 8.1.12 and 8.1.13 could allow a local attacker to obtain...
Moderate | Unreviewed | CVE-2022-22484 was published May 18, 2022

SepCity Classified Ads stores the admin password in cleartext in data/classifieds.mdb, which...
Moderate | Unreviewed | CVE-2008-6157 was published May 17, 2022

PRIMX ZoneCentral before 6.1.2236 on Windows sometimes leaks the plaintext of NTFS files. On non...
Moderate | Unreviewed | CVE-2018-19279 was published May 13, 2022

An issue was discovered in the MakeMyTrip application 7.2.4 for Android. The databases (locally...
Moderate | Unreviewed | CVE-2018-11242 was published May 13, 2022

The Bitpie application through 3.2.4 for Android and iOS uses cleartext storage for digital...
Moderate | Unreviewed | CVE-2018-10812 was published May 13, 2022

The Files APP 7.1.1.308 and earlier versions in some Huawei mobile phones has a vulnerability of...
Moderate | Unreviewed | CVE-2017-2723 was published May 13, 2022

WordPress 4.8.2 stores cleartext wp_signups.activation_key values (but stores the analogous...
Moderate | Unreviewed | CVE-2017-14990 was published May 13, 2022

EasyLobby Solo could allow a local attacker to obtain sensitive information, caused by the...
Moderate | Unreviewed | CVE-2018-17489 was published May 13, 2022

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a local attacker to obtain...
Moderate | Unreviewed | CVE-2018-1621 was published May 13, 2022

In Rapid7 Komand version 0.41.0 and prior, certain endpoints that are able to list the always...
Moderate | Unreviewed | CVE-2018-5559 was published May 13, 2022

An exposed debugging endpoint in the browser in Google Chrome on Android prior to 72.0.3626.81...
Moderate | Unreviewed | CVE-2019-5765 was published May 13, 2022

Data Leakage Attacks vulnerability in the web portal component when in an MDR pair in McAfee...
Moderate | Unreviewed | CVE-2019-3606 was published May 13, 2022

Information Disclosure vulnerability in McAfee DXL Platform and TIE Server in DXL prior to 5.0.1...
Moderate | Unreviewed | CVE-2019-3612 was published May 13, 2022

Medtronic CareLink 2090 Programmer CareLink 9790 Programmer 29901 Encore Programmer, all versions...
Moderate | Unreviewed | CVE-2018-18984 was published May 13, 2022

The SSL layer of the HTTPS service in Siemens RuggedCom ROS before 4.2.0 and ROX II does not...
Moderate | Unreviewed | CVE-2015-5537 was published May 13, 2022

In certain atypical IBM Spectrum Protect 7.1 and 8.1 configurations, the node password could be...
Moderate | Unreviewed | CVE-2018-1882 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.