GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,016
Maven
5,000+
npm
3,721
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
32 advisories
Filter by severity
A security vulnerability in HPE IceWall products could be exploited remotely to cause...
Low
Unreviewed
CVE-2024-11856
was published
Dec 2, 2024
HCL DRYiCE Optibot Reset Station is impacted by a missing Strict Transport Security Header. This...
Low
Unreviewed
CVE-2024-30119
was published
Jun 15, 2024
Sensitive information disclosure due to insufficient token field masking. The following products...
Low
Unreviewed
CVE-2023-44158
was published
Sep 27, 2023
Cleartext Storage of Sensitive Information in Memory vulnerability in Microsoft Windows client in...
Low
Unreviewed
CVE-2020-7299
was published
May 24, 2022
IBM Security Guardium Big Data Intelligence (SonarG) 4.0 stores user credentials in plain in...
Low
Unreviewed
CVE-2019-4307
was published
May 24, 2022
An information disclosure vulnerability [CWE-200] in FortiAnalyzerVM and FortiManagerVM versions...
Low
Unreviewed
CVE-2021-36170
was published
May 24, 2022
An issue was discovered in the Login Password feature of the Password Manager component in Avast...
Low
Unreviewed
CVE-2020-15024
was published
May 24, 2022
A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and...
Low
Unreviewed
CVE-2020-15791
was published
May 24, 2022
Unprotected Storage of Credentials vulnerability in McAfee Data Loss Prevention (DLP) for Mac...
Low
Unreviewed
CVE-2020-7306
was published
May 24, 2022
Unprotected Storage of Credentials vulnerability in McAfee Data Loss Prevention (DLP) for Mac...
Low
Unreviewed
CVE-2020-7307
was published
May 24, 2022
An issue was discovered in certain configurations of GNOME gnome-shell through 3.36.4. When...
Low
Unreviewed
CVE-2020-17489
was published
May 24, 2022
DIGITUS DA-70254 4-Port Gigabit Network Hub 2.073.000.E0008 devices allow an attacker on the same...
Low
Unreviewed
CVE-2020-15062
was published
May 24, 2022
TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same...
Low
Unreviewed
CVE-2020-15054
was published
May 24, 2022
Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same...
Low
Unreviewed
CVE-2020-15058
was published
May 24, 2022
"BigFix Platform is storing clear text credentials within the system's memory. An attacker who is...
Low
Unreviewed
CVE-2020-4095
was published
May 24, 2022
BIOTRONIK CardioMessenger II, The affected products use individual per-device credentials that...
Low
Unreviewed
CVE-2019-18256
was published
May 24, 2022
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects...
Low
Unreviewed
CVE-2020-14431
was published
May 24, 2022
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects...
Low
Unreviewed
CVE-2020-14428
was published
May 24, 2022
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects...
Low
Unreviewed
CVE-2020-14430
was published
May 24, 2022
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects...
Low
Unreviewed
CVE-2020-14426
was published
May 24, 2022
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects...
Low
Unreviewed
CVE-2020-14427
was published
May 24, 2022
** DISPUTED ** Avira Free Antivirus through 15.0.2005.1866 allows local users to discover user...
Low
Unreviewed
CVE-2020-12680
was published
May 24, 2022
NCH Express Invoice 7.25 allows local users to discover the cleartext password by reading the...
Low
Unreviewed
CVE-2020-11560
was published
May 24, 2022
The Redis data structure component used in ABB eSOMS versions 6.0 to 6.0.2 stores credentials in...
Low
Unreviewed
CVE-2019-19096
was published
May 24, 2022
In cloud-init through 19.4, rand_user_password in cloudinit/config/cc_set_passwords.py has a...
Low
Unreviewed
CVE-2020-8632
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API