GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,142
Composer 4,333
Erlang 31
GitHub Actions 22
Go 2,095
Maven 5,264
npm 3,759
NuGet 678
pip 3,446
Pub 12
RubyGems 892
Rust 882
Swift 37

Unreviewed advisories

All unreviewed 242,471

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

454 advisories

Filter by severity

Sort by

Least recently updated

Missing Encryption of Sensitive Data vulnerability exists in EcoStruxure Control Expert (all... Moderate Unreviewed

CVE-2021-22782 was published May 24, 2022

A missing cryptographic step in the Identity-Based Encryption service of FortiMail before 7.0.0... High Unreviewed

CVE-2021-26100 was published May 24, 2022

Quassel through 0.13.1, when --require-ssl is enabled, launches without SSL or TLS support if a... High Unreviewed

CVE-2021-34825 was published May 24, 2022

IBM Resilient SOAR V38.0 could allow a local privileged attacker to obtain sensitive information... Moderate Unreviewed

CVE-2021-20567 was published May 24, 2022

Cleartext Storage of Sensitive Information in Memory vulnerability in Gallagher Command Centre... Moderate Unreviewed

CVE-2021-23211 was published May 24, 2022

IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to obtain sensitive information,... Moderate Unreviewed

CVE-2019-4471 was published May 24, 2022

homee Brain Cube v2 (2.28.2 and 2.28.4) devices have sensitive SSH keys within downloadable and... High Unreviewed

CVE-2020-24396 was published May 24, 2022

IBM API Connect V10 is impacted by insecure communications during database replication. As the... High Unreviewed

CVE-2020-4695 was published May 24, 2022

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute vulnerability in (GTA) GoToAppliance... Moderate Unreviewed

CVE-2020-29024 was published May 24, 2022

Sensitive information disclosure and weak encryption in Pyrescom Termod4 time management devices... High Unreviewed

CVE-2020-23162 was published May 24, 2022

Skyworth GN542VF Boa version 0.94.13 does not set the Secure flag for the session cookie in an... High Unreviewed

CVE-2020-26732 was published May 24, 2022

IBM Security Guardium Insights 2.0.2 does not set the secure attribute on authorization tokens or... Moderate Unreviewed

CVE-2020-4597 was published May 24, 2022

The encryption function of NHIServiSignAdapter fail to verify the file path input by users.... High Unreviewed

CVE-2020-25842 was published May 24, 2022

SpamTitan before 7.09 allows attackers to tamper with backups, because backups are not encrypted. Moderate Unreviewed

CVE-2020-35658 was published May 24, 2022

** DISPUTED ** In Solstice Pod before 3.0.3, the firmware can easily be decompiled/disassembled.... High Unreviewed

CVE-2020-35587 was published May 24, 2022

TLS-RSA cipher suites are not disabled in HCL BigFix Inventory up to v10.0.2. If TLS 2.0 and... High Unreviewed

CVE-2020-14254 was published May 24, 2022

In isSubmittable and showWarningMessagesIfAppropriate of WifiConfigController.java and... High Unreviewed

CVE-2020-27055 was published May 24, 2022

A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Easergy T300 (firmware 2... High Unreviewed

CVE-2020-28217 was published May 24, 2022

A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Easergy T300 (firmware 2... High Unreviewed

CVE-2020-28216 was published May 24, 2022

SAP AS JAVA (Key Storage Service), versions - 7.10, 7.11, 7.20 ,7.30, 7.31, 7.40, 7.50, has the... Moderate Unreviewed

CVE-2020-26816 was published May 24, 2022

A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Modicon M221 (all... Moderate Unreviewed

CVE-2020-7567 was published May 24, 2022

A cryptographic issue in Nextcloud Server 19.0.1 allowed an attacker to downgrade the encryption... Moderate Unreviewed

CVE-2020-8150 was published May 24, 2022

A too small set of random characters being used for encryption in Nextcloud Server 18.0.4 allowed... Low Unreviewed

CVE-2020-8173 was published May 24, 2022

An issue existed with Siri Suggestions access to encrypted data. The issue was fixed by limiting... High Unreviewed

CVE-2020-9774 was published May 24, 2022

Synology Router Manager (SRM) before 1.2.4-8081 does not set the Secure flag for the session... High Unreviewed

CVE-2020-27651 was published May 24, 2022

Previous 1 2 3 4 5 6 7 8 … 18 19 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

454 advisories