GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
36 advisories
Filter by severity
Insecure storage of device information in Contacts prior to version 12.7.05.24 allows attacker to...
Low
Unreviewed
CVE-2021-25524
was published
Dec 9, 2021
Insecure storage of sensitive information vulnerability in Smart Capture prior to version 4.8.02...
Low
Unreviewed
CVE-2021-25522
was published
Dec 9, 2021
Insecure storage of device information in Samsung Dialer prior to version 12.7.05.24 allows...
Low
Unreviewed
CVE-2021-25523
was published
Dec 9, 2021
Philips Gemini PET/CT family software stores sensitive information in a removable media device...
Low
Unreviewed
CVE-2021-27456
was published
Mar 24, 2022
An insecure data storage vulnerability allows a physical attacker with root privileges to...
Low
Unreviewed
CVE-2021-25266
was published
Apr 28, 2022
In constructImportFailureNotification of NotificationImportExportListener.java, there is a...
Low
Unreviewed
CVE-2020-0422
was published
May 24, 2022
This issue was resolved by replacing device names with a random identifier. This issue is fixed...
Low
Unreviewed
CVE-2019-8799
was published
May 24, 2022
IBM InfoSphere Information Server 11.7 stores sensitive information in the browser's history that...
Low
Unreviewed
CVE-2020-4886
was published
May 24, 2022
A misconfiguration in the debug interface in Mercedes-Benz HERMES 1 allows an attacker with...
Low
Unreviewed
CVE-2019-19557
was published
May 24, 2022
A misconfiguration in the debug interface in Mercedes-Benz HERMES 1.5 allows an attacker with...
Low
Unreviewed
CVE-2019-19561
was published
May 24, 2022
IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 allows web pages to...
Low
Unreviewed
CVE-2020-4906
was published
May 24, 2022
The IBM Application Performance Monitoring UI (IBM Cloud APM 8.1.4) allows web pages to be stored...
Low
Unreviewed
CVE-2020-4726
was published
May 24, 2022
IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 allows web pages to be stored locally...
Low
Unreviewed
CVE-2021-20391
was published
May 24, 2022
IBM Cloud Pak for Multicloud Management prior to 2.3 allows web pages to be stored locally which...
Low
Unreviewed
CVE-2020-4765
was published
May 24, 2022
IBM Security Verify Access 20.07 allows web pages to be stored locally which can be read by...
Low
Unreviewed
CVE-2021-20575
was published
May 24, 2022
Information Exposure vulnerability in SmartThings prior to version 1.7.64.21 allows attacker to...
Low
Unreviewed
CVE-2021-25404
was published
May 24, 2022
Information Exposure vulnerability in Samsung Notes prior to version 4.2.04.27 allows attacker to...
Low
Unreviewed
CVE-2021-25402
was published
May 24, 2022
IBM QRadar Analyst Workflow App 1.0 through 1.18.0 for IBM QRadar SIEM allows web pages to be...
Low
Unreviewed
CVE-2021-20396
was published
May 24, 2022
IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the...
Low
Unreviewed
CVE-2020-4809
was published
May 24, 2022
IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the...
Low
Unreviewed
CVE-2020-4805
was published
May 24, 2022
IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the...
Low
Unreviewed
CVE-2020-4803
was published
May 24, 2022
IBM CICS TX 11.1 allows web pages to be stored locally which can be read by another user on the...
Low
Unreviewed
CVE-2022-34312
was published
Nov 14, 2022
IBM Sterling Partner Engagement Manager 2.0 allows encrypted storage of client data to be stored...
Low
Unreviewed
CVE-2022-34354
was published
Nov 16, 2022
Logins saved by Firefox should be managed by the Password Manager component which uses encryption...
Low
Unreviewed
CVE-2022-42931
was published
Dec 22, 2022
Default permissions for a properties file were too permissive. Local system users could read...
Low
Unreviewed
CVE-2023-26427
was published
Jun 20, 2023
ProTip!
Advisories are also available from the
GraphQL API