GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,237
Erlang: 31
GitHub Actions: 20
Go: 2,000
Maven: 5,000+
npm: 3,711
NuGet: 661
pip: 3,383
Pub: 11
RubyGems: 885
Rust: 849
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
186 advisories
An authentication bypass in the debug interface in Mercedes-Benz HERMES 1.5 allows an attacker...
  Severity: Moderate | Unreviewed | CVE-2019-19560 was published May 24, 2022
IBM InfoSphere Information Server 11.7 stores sensitive information in the browser's history that...
  Severity: Low | Unreviewed | CVE-2020-4886 was published May 24, 2022
Sectona Spectra before 3.4.0 has a vulnerable SOAP API endpoint that leaks sensitive information...
  Severity: High | Unreviewed | CVE-2020-25966 was published May 24, 2022
NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contain a...
  Severity: Moderate | Unreviewed | CVE-2020-11484 was published May 24, 2022
An information disclosure issue existed in the handling of the Storage Access API. This issue was...
  Severity: Moderate | Unreviewed | CVE-2019-8898 was published May 24, 2022
This issue was resolved by replacing device names with a random identifier. This issue is fixed...
  Severity: Low | Unreviewed | CVE-2019-8799 was published May 24, 2022
This issue was addressed by updating incorrect URLSession file descriptors management logic to...
  Severity: Moderate | Unreviewed | CVE-2019-8790 was published May 24, 2022
In constructImportFailureNotification of NotificationImportExportListener.java, there is a...
  Severity: Low | Unreviewed | CVE-2020-0422 was published May 24, 2022
An issue was discovered in Gradle Enterprise 2017.1 - 2020.2.4. Unrestricted access to a high...
  Severity: High | Unreviewed | CVE-2020-15775 was published May 24, 2022
IBM Security Guardium Insights 2.0.1 stores sensitive information in URL parameters. This may...
  Severity: Moderate | Unreviewed | CVE-2020-4172 was published May 24, 2022
An information disclosure vulnerability exists when attaching files to Outlook messages, aka ...
  Severity: Moderate | Unreviewed | CVE-2020-1493 was published May 24, 2022
Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote...
  Severity: Moderate | Unreviewed | CVE-2019-13719 was published May 24, 2022
Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote...
  Severity: Moderate | Unreviewed | CVE-2019-13717 was published May 24, 2022
IBM Security Directory Server 6.4.0 discloses sensitive information to unauthorized users. The...
  Severity: Moderate | Unreviewed | CVE-2019-4549 was published May 24, 2022
The JetBrains Vim plugin before version 0.52 was storing individual project data in the global...
  Severity: Moderate | Unreviewed | CVE-2019-14957 was published May 24, 2022
In KeyStore, there is a possible storage of symmetric keys in the TEE instead of the strongbox...
  Severity: Moderate | Unreviewed | CVE-2019-9253 was published May 24, 2022
An insecure storage of sensitive information vulnerability is present in Hickory Smart for iOS...
  Severity: Moderate | Unreviewed | CVE-2019-5633 was published May 24, 2022
The Android mobile application BlueCats Reveal before 3.0.19 stores the username and password in...
  Severity: High | Unreviewed | CVE-2019-5626 was published May 24, 2022
The iOS mobile application BlueCats Reveal before 5.14 stores the username and password in the...
  Severity: High | Unreviewed | CVE-2019-5627 was published May 24, 2022
SUSE Manager until version 4.0.7 and Uyuni until commit 1b426ad5ed0a7191a6fb46bb83e98ae4b99a5ade...
  Severity: Moderate | Unreviewed | CVE-2019-3684 was published May 24, 2022
Dahua IP Camera devices 3.200.0001.6 can be exploited via these steps: 1. Use the default low...
  Severity: High | Unreviewed | CVE-2017-7253 was published May 13, 2022
USB Pratirodh is prone to sensitive information disclosure. It stores sensitive information such...
  Severity: Moderate | Unreviewed | CVE-2017-6911 was published May 13, 2022
SanDisk Secure Access 3.01 vault decrypts and copies encrypted files to a temporary folder, where...
  Severity: Moderate | Unreviewed | CVE-2017-16560 was published May 13, 2022
An information disclosure vulnerability in File-Based Encryption could enable a local malicious...
  Severity: Moderate | Unreviewed | CVE-2017-0493 was published May 13, 2022
Sensitive Data Exposure Due To Insecure Storage Of Profile Image in GitHub repository polonel...
  Severity: Moderate | Unreviewed | CVE-2022-1044 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.