Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,593 advisories

Loading
The ABUS Secvest wireless alarm system FUAA50000 (v3.01.17) fails to properly authenticate some... High Unreviewed
CVE-2020-28973 was published May 24, 2022
IBM Cloud Pak for Applications 4.3 could disclose sensitive information to a malicious attacker... High Unreviewed
CVE-2021-20422 was published May 24, 2022
In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can obtain sensitive information (wifikey, etc.)... High Unreviewed
CVE-2021-42893 was published Jun 4, 2022
Advance configuration exposing Information Leakage vulnerability in Micro Focus Access Manager... High Unreviewed
CVE-2021-22506 was published May 24, 2022
Redmine before 4.0.8 and 4.1.x before 4.1.2 allows attackers to discover the names of private... High Unreviewed
CVE-2021-30163 was published May 24, 2022
Thycotic Password Reset Server before 5.3.0 allows credential disclosure. High Unreviewed
CVE-2021-34679 was published May 24, 2022
In JetBrains YouTrack before 2020.6.8801, information disclosure in an issue preview was possible. High Unreviewed
CVE-2021-31905 was published May 24, 2022
The web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware... High Unreviewed
CVE-2021-20092 was published May 24, 2022
SAP NetWeaver Master Data Management, versions - 710, 710.750, allows a malicious unauthorized... High Unreviewed
CVE-2021-21482 was published May 24, 2022
Server for NFS Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-31975. High Unreviewed
CVE-2021-31976 was published May 24, 2022
Improper Input Validation in Undertow High
CVE-2020-1757 was published for io.undertow:undertow-core (Maven) May 24, 2022
yawkat
IBM Planning Analytics Local 2.0 could allow an attacker to obtain sensitive information due to... High Unreviewed
CVE-2020-4985 was published May 24, 2022
An information disclosure vulnerability was discovered in alipay_function.php in the log file of... High Unreviewed
CVE-2020-23768 was published May 24, 2022
An information disclosure issue exists in henriquedornas 5.2.17 because an attacker can dump... High Unreviewed
CVE-2021-26939 was published May 24, 2022
Windows SMB Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-28325. High Unreviewed
CVE-2021-28324 was published May 24, 2022
Certain NETGEAR devices are affected by disclosure of sensitive information. This affects RBW30... High Unreviewed
CVE-2021-29082 was published May 24, 2022
Netsia SEBA+ through 0.16.1 build 70-e669dcd7 allows remote attackers to discover session cookies... High Unreviewed
CVE-2021-3113 was published May 24, 2022
Windows Remote Procedure Call Information Disclosure Vulnerability High Unreviewed
CVE-2021-1734 was published May 24, 2022
Exposure of Sensitive Information in System.Net.Http High
CVE-2019-0545 was published for Microsoft.NETCore.App (NuGet) May 14, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Apache Sling Servlets Post High
CVE-2016-0956 was published for org.apache.sling:org.apache.sling.servlets.post (Maven) May 14, 2022
BigBlueButton before 2.2.5 allows remote attackers to obtain sensitive files via Local File... High Unreviewed
CVE-2020-12112 was published May 24, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Apache Directory LDAP API High
CVE-2015-3250 was published for org.apache.directory.api:api-ldap-model (Maven) May 17, 2022
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X... High Unreviewed
CVE-2016-4271 was published May 14, 2022
An information disclosure vulnerability exists in the Multi-Camera interface used by the Foscam... High Unreviewed
CVE-2017-2874 was published May 13, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Apache Jasypt High
CVE-2014-9970 was published for org.jasypt:jasypt (Maven) May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database