Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,132
Erlang
29
GitHub Actions
19
Go
1,937
Maven
5,000+
npm
3,676
NuGet
642
pip
3,292
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

70 advisories

Loading
An issue existed in the storage of sensitive tokens. This issue was addressed by placing the... Moderate Unreviewed
CVE-2017-13909 was published Dec 24, 2021
A insecure storage of sensitive information vulnerability exists in Ivanti Workspace Control ... Moderate Unreviewed
CVE-2022-21823 was published Jan 11, 2022
Authentication bypass in Apache Kylin Moderate
CVE-2020-13937 was published for org.apache.kylin:kylin (Maven) Feb 10, 2022
Insecure Storage of Sensitive Information in GitHub repository chocobozzz/peertube prior to 4.1.1. Moderate Unreviewed
CVE-2022-0881 was published Mar 10, 2022
Spoofing attack in swagger-ui Moderate
CVE-2018-25031 was published for swagger-ui (npm) Mar 12, 2022
Insecure storage of sensitive information vulnerability in MA for Linux, macOS, and Windows prior... Moderate Unreviewed
CVE-2022-1257 was published Apr 15, 2022
Sensitive Data Exposure Due To Insecure Storage Of Profile Image in GitHub repository polonel... Moderate Unreviewed
CVE-2022-1044 was published May 13, 2022
An information disclosure vulnerability in File-Based Encryption could enable a local malicious... Moderate Unreviewed
CVE-2017-0493 was published May 13, 2022
SanDisk Secure Access 3.01 vault decrypts and copies encrypted files to a temporary folder, where... Moderate Unreviewed
CVE-2017-16560 was published May 13, 2022
USB Pratirodh is prone to sensitive information disclosure. It stores sensitive information such... Moderate Unreviewed
CVE-2017-6911 was published May 13, 2022
SUSE Manager until version 4.0.7 and Uyuni until commit 1b426ad5ed0a7191a6fb46bb83e98ae4b99a5ade... Moderate Unreviewed
CVE-2019-3684 was published May 24, 2022
An insecure storage of sensitive information vulnerability is present in Hickory Smart for iOS... Moderate Unreviewed
CVE-2019-5633 was published May 24, 2022
In KeyStore, there is a possible storage of symmetric keys in the TEE instead of the strongbox... Moderate Unreviewed
CVE-2019-9253 was published May 24, 2022
The JetBrains Vim plugin before version 0.52 was storing individual project data in the global... Moderate Unreviewed
CVE-2019-14957 was published May 24, 2022
IBM Security Directory Server 6.4.0 discloses sensitive information to unauthorized users. The... Moderate Unreviewed
CVE-2019-4549 was published May 24, 2022
Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote... Moderate Unreviewed
CVE-2019-13719 was published May 24, 2022
Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote... Moderate Unreviewed
CVE-2019-13717 was published May 24, 2022
An information disclosure vulnerability exists when attaching files to Outlook messages, aka ... Moderate Unreviewed
CVE-2020-1493 was published May 24, 2022
IBM Security Guardium Insights 2.0.1 stores sensitive information in URL parameters. This may... Moderate Unreviewed
CVE-2020-4172 was published May 24, 2022
This issue was addresses by updating incorrect URLSession file descriptors management logic to... Moderate Unreviewed
CVE-2019-8790 was published May 24, 2022
NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contains a... Moderate Unreviewed
CVE-2020-11484 was published May 24, 2022
An information disclosure issue existed in the handling of the Storage Access API. This issue was... Moderate Unreviewed
CVE-2019-8898 was published May 24, 2022
An authentication bypass in the debug interface in Mercedes-Benz HERMES 1.5 allows an attacker... Moderate Unreviewed
CVE-2019-19560 was published May 24, 2022
An authentication bypass in the debug interface in Mercedes-Benz HERMES 2.1 allows an attacker... Moderate Unreviewed
CVE-2019-19562 was published May 24, 2022
Slurm before 19.05.8 and 20.x before 20.02.6 exposes Sensitive Information to an Unauthorized... Moderate Unreviewed
CVE-2020-27746 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database