GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
54 advisories
Buildah processes using chroot isolation may leak environment values to intermediate processes
Moderate | CVE-2021-3602 was published for github.com/containers/buildah (Go) | Jul 19, 2021

Improper Removal of Sensitive Information Before Storage or Transfer in HashiCorp Vault
Moderate | CVE-2021-38554 was published for github.com/hashicorp/vault (Go) | Aug 30, 2021

Improper Removal of Sensitive Information Before Storage or Transfer in Apache Jackrabbit Oak
High | CVE-2020-1940 was published for org.apache.jackrabbit:oak-core (Maven) | Dec 10, 2021

Exposure of Sensitive Information to an Unauthorized Actor in follow-redirects
Moderate | CVE-2022-0536 was published for follow-redirects (npm) | Feb 10, 2022

Exposure of information in Action Pack
High | CVE-2022-23633 was published for actionpack (RubyGems) | Feb 11, 2022

Jenkins Support Core Plugin stores sensitive data in plain text
Moderate | CVE-2022-25187 was published for org.jenkins-ci.plugins:support-core (Maven) | Feb 16, 2022

Forwarding of confidential headers to third parties in fluture-node
Low | CVE-2022-24719 was published for fluture-node (npm) | Mar 1, 2022

Improper Removal of Sensitive Information Before Storage or Transfer in irrd
High | CVE-2022-24798 was published for irrd (pip) | Apr 1, 2022

The Network Address Translation (NAT) capability for Netfilter ("iptables") 1.2.6a and earlier...
Moderate | Unreviewed | CVE-2002-0704 was published | Apr 30, 2022

A design flaw in image processing software that modifies JPEG images might not modify the...
Low | Unreviewed | CVE-2005-0406 was published | May 1, 2022

Sensitive information in resource not removed before reuse in firmware for some Intel(R) SSD and...
Moderate | Unreviewed | CVE-2021-33082 was published | May 13, 2022

Exposure of sensitive system information due to uncleared debug information in firmware for some...
Moderate | Unreviewed | CVE-2021-33080 was published | May 13, 2022

Exposure of Sensitive Information in eventsource
Critical | CVE-2022-1650 was published for eventsource (npm) | May 13, 2022

A vulnerability was discovered in oVirt 4.1.x before 4.1.9, where the combination of Enable...
Moderate | Unreviewed | CVE-2018-1062 was published | May 13, 2022

Improper Removal of Sensitive Information Before Storage or Transfer in Strapi
High | CVE-2022-30617 was published for @strapi/strapi (npm) | May 20, 2022

Improper Removal of Sensitive Information Before Storage or Transfer in Strapi
High | CVE-2022-30618 was published for @strapi/strapi (npm) | May 20, 2022

In Kubernetes v1.12.0-v1.12.4 and v1.13.0, the rest.AnonymousClientConfig() method returns a copy...
High | Unreviewed | CVE-2019-11243 was published | May 24, 2022

An issue was discovered in the Chat functionality of the TeamViewer desktop application 14.3.4730...
Moderate | Unreviewed | CVE-2019-19362 was published | May 24, 2022

An issue was discovered in Varnish Cache before 6.0.5 LTS, 6.1.x and 6.2.x before 6.2.2, and 6.3...
Moderate | Unreviewed | CVE-2019-20637 was published | May 24, 2022

An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (without...
Low | Unreviewed | CVE-2020-11740 was published | May 24, 2022

Broker Protocol messages in Teradici PCoIP Standard Agent for Windows and Graphics Agent for...
Low | Unreviewed | CVE-2020-13179 was published | May 24, 2022

Improper removal of sensitive information before storage or transfer in some Intel(R) Processors...
Moderate | Unreviewed | CVE-2020-8696 was published | May 24, 2022

Some websites have a feature "Show Password" where clicking a button will change a password field...
Moderate | Unreviewed | CVE-2020-26965 was published | May 24, 2022

Padding bytes in Ethernet packets on PA-200, PA-220, PA-500, PA-800, PA-2000 Series, PA-3000...
Moderate | Unreviewed | CVE-2021-3031 was published | May 24, 2022

ProTip! Advisories are also available from the GraphQL API.