Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,132
Erlang
29
GitHub Actions
19
Go
1,937
Maven
5,000+
npm
3,676
NuGet
642
pip
3,292
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

29 advisories

Loading
Maven Archetype Plugin: Maven Archetype integration-test may package local settings into the published artifact, possibly containing credentials Low
CVE-2024-47197 was published for org.apache.maven.plugins:maven-archetype-plugin (Maven) Sep 26, 2024
An issue in CmsEasy v.7.7 and before allows a remote attacker to obtain sensitive information via... Low Unreviewed
CVE-2024-32236 was published Apr 25, 2024
udn News Android APP stores the unencrypted user session in the local database when user log into... Low Unreviewed
CVE-2024-6295 was published Jun 25, 2024
vantage6 may create unencrypted tasks in encrypted collaboration Low
CVE-2024-22193 was published for vantage6 (pip) Jan 30, 2024
Default permissions for a properties file were too permissive. Local system users could read... Low Unreviewed
CVE-2023-26427 was published Jun 20, 2023
Insecure storage of sensitive information vulnerability in Smart Capture prior to version 4.8.02... Low Unreviewed
CVE-2021-25522 was published Dec 9, 2021
Insecure storage of device information in Contacts prior to version 12.7.05.24 allows attacker to... Low Unreviewed
CVE-2021-25524 was published Dec 9, 2021
Insecure storage of device information in Samsung Dialer prior to version 12.7.05.24 allows... Low Unreviewed
CVE-2021-25523 was published Dec 9, 2021
IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the... Low Unreviewed
CVE-2020-4805 was published May 24, 2022
IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the... Low Unreviewed
CVE-2020-4803 was published May 24, 2022
IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the... Low Unreviewed
CVE-2020-4809 was published May 24, 2022
An insecure data storage vulnerability allows a physical attacker with root privileges to... Low Unreviewed
CVE-2021-25266 was published Apr 28, 2022
IBM QRadar Analyst Workflow App 1.0 through 1.18.0 for IBM QRadar SIEM allows web pages to be... Low Unreviewed
CVE-2021-20396 was published May 24, 2022
Information Exposure vulnerability in SmartThings prior to version 1.7.64.21 allows attacker to... Low Unreviewed
CVE-2021-25404 was published May 24, 2022
IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 allows web pages to be stored locally... Low Unreviewed
CVE-2021-20391 was published May 24, 2022
Information Exposure vulnerability in Samsung Notes prior to version 4.2.04.27 allows attacker to... Low Unreviewed
CVE-2021-25402 was published May 24, 2022
IBM Security Verify Access 20.07 allows web pages to be stored locally which can be read by... Low Unreviewed
CVE-2021-20575 was published May 24, 2022
IBM Cloud Pak for Multicloud Management prior to 2.3 allows web pages to be stored locally which... Low Unreviewed
CVE-2020-4765 was published May 24, 2022
The IBM Application Performance Monitoring UI (IBM Cloud APM 8.1.4) allows web pages to be stored... Low Unreviewed
CVE-2020-4726 was published May 24, 2022
A misconfiguration in the debug interface in Mercedes-Benz HERMES 1 allows an attacker with... Low Unreviewed
CVE-2019-19557 was published May 24, 2022
IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 allows web pages to... Low Unreviewed
CVE-2020-4906 was published May 24, 2022
IBM InfoSphere Information Server 11.7 stores sensitive information in the browser's history that... Low Unreviewed
CVE-2020-4886 was published May 24, 2022
A misconfiguration in the debug interface in Mercedes-Benz HERMES 1.5 allows an attacker with... Low Unreviewed
CVE-2019-19561 was published May 24, 2022
This issue was resolved by replacing device names with a random identifier. This issue is fixed... Low Unreviewed
CVE-2019-8799 was published May 24, 2022
In constructImportFailureNotification of NotificationImportExportListener.java, there is a... Low Unreviewed
CVE-2020-0422 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database