Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

538 advisories

Loading
The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190... High Unreviewed
CVE-2022-2739 was published Sep 2, 2022
A flaw was found in openstack-tripleo-heat-templates. Plain passwords from RHSM exist in the logs... Moderate Unreviewed
CVE-2021-3585 was published Aug 27, 2022
The affected device stores sensitive information in cleartext, which may allow an authenticated... Moderate Unreviewed
CVE-2022-2569 was published Aug 25, 2022
Apache OpenOffice supports the storage of passwords for web connections in the user's... High Unreviewed
CVE-2022-37401 was published Aug 16, 2022
A vulnerability, which was classified as problematic, was found in SourceCodester Guest... High Unreviewed
CVE-2022-2813 was published Aug 16, 2022
Dell Wyse Management Suite 3.6.1 and below contains a Sensitive Data Exposure vulnerability. A... Moderate Unreviewed
CVE-2022-29090 was published Aug 11, 2022
Dell Wyse Management Suite 3.6.1 and below contains an Plain-text Password Storage Vulnerability... High Unreviewed
CVE-2022-33928 was published Aug 11, 2022
Lanling OA Landray Office Automation (OA) internal patch number #133383/#137780 contains an... High Unreviewed
CVE-2022-34924 was published Aug 3, 2022
The Motorola MOSCAD Toolbox software through 2022-05-02 relies on a cleartext password. It... High Unreviewed
CVE-2022-30275 was published Jul 27, 2022
LibreOffice supports the storage of passwords for web connections in the user’s configuration... High Unreviewed
CVE-2022-26307 was published Jul 26, 2022
The debug interface of Goldshell ASIC Miners v2.2.1 and below was discovered to be exposed... High Unreviewed
CVE-2022-24660 was published Jul 21, 2022
Browsing the path: http://ip/wifi_ap_pata_get.cmd, will show in the name of the existing access... High Unreviewed
CVE-2022-30626 was published Jul 19, 2022
HCL Launch may store certain data for recurring activities in a plain text format. Moderate Unreviewed
CVE-2022-27549 was published Jul 7, 2022
IBM UrbanCode Deploy (UCD) 6.2.7.15, 7.0.5.10, 7.1.2.6, and 7.2.2.1 stores user credentials in... Moderate Unreviewed
CVE-2022-22366 was published Jul 2, 2022
IBM UrbanCode Deploy (UCD) 6.2.7.15, 7.0.5.10, 7.1.2.6, and 7.2.2.1 could disclose sensitive... Moderate Unreviewed
CVE-2022-22367 was published Jul 2, 2022
IBM Spectrum Protect Client 8.1.0.0 through 8.1.14.0 stores user credentials in plain clear text... Moderate Unreviewed
CVE-2022-22478 was published Jul 1, 2022
MELAG FTP Server 2.2.0.4 stores unencrpyted passwords of FTP users in a local configuration file. Moderate Unreviewed
CVE-2021-41639 was published Jun 25, 2022
ASG technologies ( A Rocket Software Company) ASG-Zena Cross Platform Server Enterprise Edition 4... High Unreviewed
CVE-2021-45025 was published Jun 18, 2022
A vulnerability was found in SICUNET Access Controller 0.32-05z. It has been declared as... Moderate Unreviewed
CVE-2017-20040 was published Jun 12, 2022
** DISPUTED ** FileZilla v3.59.0 allows attackers to obtain cleartext passwords of connected SSH... Moderate Unreviewed
CVE-2022-29620 was published Jun 8, 2022
E-Series SANtricity OS Controller Software versions 11.40 through 11.70.2 store the LDAP BIND... Moderate Unreviewed
CVE-2022-23236 was published Jun 3, 2022
Proxy functionality built into Hubs Cloud’s Reticulum software allowed access to internal URLs,... Critical Unreviewed
CVE-2021-29954 was published May 24, 2022
UltraLog Express device management software stores user’s information in cleartext. Any user can... Moderate Unreviewed
CVE-2020-3921 was published May 24, 2022
ECOA BAS controller stores sensitive data (backup exports) in clear-text, thus the... High Unreviewed
CVE-2021-41302 was published May 24, 2022
Backup file without encryption vulnerability is found in Hitachi ABB Power Grids System Data... High Unreviewed
CVE-2021-35526 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database