GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
451 advisories
IBM Resilient SOAR V38.0 could allow a local privileged attacker to obtain sensitive information...
Moderate | Unreviewed | CVE-2021-20567 was published May 24, 2022

Cleartext Storage of Sensitive Information in Memory vulnerability in Gallagher Command Centre...
Moderate | Unreviewed | CVE-2021-23211 was published May 24, 2022

IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to obtain sensitive information,...
Moderate | Unreviewed | CVE-2019-4471 was published May 24, 2022

homee Brain Cube v2 (2.28.2 and 2.28.4) devices have sensitive SSH keys within downloadable and...
High | Unreviewed | CVE-2020-24396 was published May 24, 2022

IBM API Connect V10 is impacted by insecure communications during database replication. As the...
High | Unreviewed | CVE-2020-4695 was published May 24, 2022

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute vulnerability in (GTA) GoToAppliance...
Moderate | Unreviewed | CVE-2020-29024 was published May 24, 2022

Sensitive information disclosure and weak encryption in Pyrescom Termod4 time management devices...
High | Unreviewed | CVE-2020-23162 was published May 24, 2022

Skyworth GN542VF Boa version 0.94.13 does not set the Secure flag for the session cookie in an...
High | Unreviewed | CVE-2020-26732 was published May 24, 2022

IBM Security Guardium Insights 2.0.2 does not set the secure attribute on authorization tokens or...
Moderate | Unreviewed | CVE-2020-4597 was published May 24, 2022

The encryption function of NHIServiSignAdapter fails to verify the file path input by users....
High | Unreviewed | CVE-2020-25842 was published May 24, 2022

SpamTitan before 7.09 allows attackers to tamper with backups, because backups are not encrypted.
Moderate | Unreviewed | CVE-2020-35658 was published May 24, 2022

** DISPUTED ** In Solstice Pod before 3.0.3, the firmware can easily be decompiled/disassembled....
High | Unreviewed | CVE-2020-35587 was published May 24, 2022

TLS-RSA cipher suites are not disabled in HCL BigFix Inventory up to v10.0.2. If TLS 2.0 and...
High | Unreviewed | CVE-2020-14254 was published May 24, 2022

In isSubmittable and showWarningMessagesIfAppropriate of WifiConfigController.java and...
High | Unreviewed | CVE-2020-27055 was published May 24, 2022

A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Easergy T300 (firmware 2...
High | Unreviewed | CVE-2020-28216 was published May 24, 2022

A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Easergy T300 (firmware 2...
High | Unreviewed | CVE-2020-28217 was published May 24, 2022

SAP AS JAVA (Key Storage Service), versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, has the...
Moderate | Unreviewed | CVE-2020-26816 was published May 24, 2022

A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Modicon M221 (all...
Moderate | Unreviewed | CVE-2020-7567 was published May 24, 2022

A cryptographic issue in Nextcloud Server 19.0.1 allowed an attacker to downgrade the encryption...
Moderate | Unreviewed | CVE-2020-8150 was published May 24, 2022

A too small set of random characters being used for encryption in Nextcloud Server 18.0.4 allowed...
Low | Unreviewed | CVE-2020-8173 was published May 24, 2022

An issue existed with Siri Suggestions access to encrypted data. The issue was fixed by limiting...
High | Unreviewed | CVE-2020-9774 was published May 24, 2022

Synology Router Manager (SRM) before 1.2.4-8081 does not set the Secure flag for the session...
High | Unreviewed | CVE-2020-27651 was published May 24, 2022

Synology DiskStation Manager (DSM) before 6.2.3-25426-2 does not set the Secure flag for the...
Moderate | Unreviewed | CVE-2020-27650 was published May 24, 2022

On Juniper Networks SRX Series and NFX Series, a local authenticated user with access to the...
Moderate | Unreviewed | CVE-2020-1688 was published May 24, 2022

An issue was discovered in Gradle Enterprise 2018.2 and Gradle Enterprise Build Cache Node 4.1....
High | Unreviewed | CVE-2020-15771 was published May 24, 2022