Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,822
Erlang
36
GitHub Actions
32
Go
2,413
Maven
5,000+
npm
4,052
NuGet
723
pip
3,844
Pub
12
RubyGems
933
Rust
1,005
Swift
38
Unreviewed advisories
All unreviewed
5,000+

368 advisories

Loading
IBM Security Secret Server 10.6 stores potentially sensitive information in config files that... Moderate Unreviewed
CVE-2020-4843 was published May 24, 2022
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 and 6.0.0.0 through 6.0.3.1... Moderate Unreviewed
CVE-2019-4738 was published May 24, 2022
Ceph-ansible 4.0.34.1 creates /etc/ceph/iscsi-gateway.conf with insecure default permissions,... Moderate Unreviewed
CVE-2020-25677 was published May 24, 2022
An issue was discovered in the view_statistics (aka View frontend statistics) extension before 2... Moderate Unreviewed
CVE-2020-28917 was published May 24, 2022
Unprotected Storage of Credentials vulnerability in BASETech GE-131 BT-1837836 firmware 20180921... Moderate Unreviewed
CVE-2020-27557 was published May 24, 2022
The implementation of Brave Desktop's privacy-preserving analytics system (P3A) between 1.1 and 1... Moderate Unreviewed
CVE-2020-8276 was published May 24, 2022
A cleartext storage of sensitive information vulnerability in FortiOS command line interface in... Moderate Unreviewed
CVE-2020-6648 was published May 24, 2022
Passwords stored in plain text by ElasTest Plugin Moderate
CVE-2020-2274 was published for org.jenkins-ci.plugins:elastest (Maven) May 24, 2022
NotMyFault
Baxter ExactaMix EM 2400 Versions 1.10, 1.11 and ExactaMix EM1200 Versions 1.1, 1.2 systems store... Moderate Unreviewed
CVE-2020-12032 was published May 24, 2022
nsufficiently Protected Credentials in ActiveMQ Artemis Moderate
CVE-2020-10727 was published for org.apache.activemq:artemis-commons (Maven) May 24, 2022
An issue was discovered in the stashcat app through 3.9.2 for macOS, Windows, Android, iOS, and... Moderate Unreviewed
CVE-2020-13637 was published May 24, 2022
A cleartext storage in a file or on disk (CWE-313) vulnerability in FortiOS SSL VPN 6.2.2 and... Moderate Unreviewed
CVE-2019-17655 was published May 24, 2022
If LibreOffice has an encrypted document open and crashes, that document is auto-saved encrypted.... Moderate Unreviewed
CVE-2020-12801 was published May 24, 2022
A flaw was found in OpenShift Container Platform where OAuth tokens are not encrypted when the... Moderate Unreviewed
CVE-2020-10706 was published May 24, 2022
In Rukovoditel 2.5.2, users' passwords and usernames are stored in a cookie with URL encoding,... Moderate Unreviewed
CVE-2020-11821 was published May 24, 2022
Credentials stored in plain text by Jenkins Copr Plugin Moderate
CVE-2020-2177 was published for org.fedoraproject.jenkins.plugins:copr (Maven) May 24, 2022
NotMyFault
In JetBrains PyCharm 2019.2.5 and 2019.3 on Windows, Apple Notarization Service credentials were... Moderate Unreviewed
CVE-2020-11694 was published May 24, 2022
D-Link DSL-2875AL and DSL-2877AL devices through 1.00.05 are prone to information disclosure via... Moderate Unreviewed
CVE-2019-15656 was published May 24, 2022
A vulnerability was found in business-central, as shipped in rhdm-7.5.1 and rhpam-7.5.1, where... Moderate Unreviewed
CVE-2019-14886 was published May 24, 2022
If a user saved passwords before Thunderbird 60 and then later set a master password, an... Moderate Unreviewed
CVE-2020-6794 was published May 24, 2022
IBL Online Weather before 4.3.5a allows attackers to obtain sensitive information by reading the... Moderate Unreviewed
CVE-2020-9407 was published May 24, 2022
Moxa ioLogik 2542-HSPA Series Controllers and IOs, and IOxpress Configuration Utility ioLogik... Moderate Unreviewed
CVE-2019-18238 was published May 24, 2022
A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR... Moderate Unreviewed
CVE-2019-13947 was published May 24, 2022
Magento 2 Community Edition Weak Cryptography Moderate
CVE-2019-8118 was published for magento/community-edition (Composer) May 24, 2022
Jenkins View26 Test-Reporting Plugin stores access token in plain text Moderate
CVE-2019-10452 was published for org.jenkins-ci.plugins:view26 (Maven) May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database