Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

518 advisories

Loading
Dell Unity, Dell UnityVSA, and Dell Unity XT versions prior to 5.2.0.0.5.173 contain a plain-text... Moderate Unreviewed
CVE-2022-29085 was published Jun 3, 2022
An information disclosure issue exist in D-LINK-DIR-615 B2 2.01mt. An attacker can obtain a user... Moderate Unreviewed
CVE-2021-40654 was published May 24, 2022
Debug function of Admin UI of SAP Business One Integration is enabled by default. This allows... Moderate Unreviewed
CVE-2021-38179 was published May 24, 2022
MEDIA NAVI Inc SMACom v1.2 was discovered to contain an insecure session validation vulnerability... Moderate Unreviewed
CVE-2020-23036 was published May 24, 2022
In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line,... Moderate Unreviewed
CVE-2021-28499 was published May 24, 2022
On systems running Arista EOS and CloudEOS with the affected release version, when using shared... Moderate Unreviewed
CVE-2021-28496 was published May 24, 2022
The Credova_Financial WordPress plugin discloses a site's associated Credova API account username... Moderate Unreviewed
CVE-2021-39342 was published May 24, 2022
Mechanize before v2.8.5 vulnerable to authorization header leak on port redirect Moderate
CVE-2022-31033 was published for mechanize (RubyGems) Jun 9, 2022
Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does... Moderate Unreviewed
CVE-2012-5627 was published May 17, 2022
A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6),... Moderate Unreviewed
CVE-2022-30231 was published Jun 15, 2022
A lack of password masking in Devolutions Remote Desktop Manager allows physically proximate... Moderate Unreviewed
CVE-2022-1342 was published Jun 16, 2022
Insufficiently protected credentials in the Intel(R) Team Blue mobile application in all versions... Moderate Unreviewed
CVE-2022-29507 was published Aug 19, 2022
An information disclosure vulnerability exists in the License registration functionality of... Moderate Unreviewed
CVE-2022-21184 was published Jun 18, 2022
A malicious authenticated SMG administrator user can obtain passwords for external LDAP/Active... Moderate Unreviewed
CVE-2021-30651 was published Jun 25, 2022
IBM Robotic Process Automation 21.0.1 and 21.0.2 could allow a user with psychical access to the... Moderate Unreviewed
CVE-2022-33953 was published Jun 25, 2022
Information Exposure vulnerability in My Account Settings of Devolutions Remote Desktop Manager... Moderate Unreviewed
CVE-2022-2221 was published Jun 28, 2022
HCL Launch stores user credentials in plain clear text which can be read by a local user. Moderate Unreviewed
CVE-2022-27548 was published Jul 7, 2022
The default password for the web application’s root user (the vendor’s private account) was weak... Moderate Unreviewed
CVE-2022-1666 was published Jun 25, 2022
An attacker with physical access to the host can extract the secrets from the registry and create... Moderate Unreviewed
CVE-2021-23207 was published Jan 22, 2022
VMware Workstation (16.x prior to 16.2.4) contains an unprotected storage of credentials... Moderate Unreviewed
CVE-2022-22983 was published Aug 11, 2022
BigFix Web Reports authorized users may see SMTP credentials in clear text. Moderate Unreviewed
CVE-2022-27544 was published Jul 20, 2022
IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is vulnerable to insufficiently... Moderate Unreviewed
CVE-2022-33169 was published Aug 2, 2022
Fortify Plugin stored credentials in plain text Moderate
CVE-2020-2107 was published for org.jenkins-ci.plugins:fortify (Maven) May 24, 2022
NotMyFault
A vulnerability has been found in CESNET theme-cesnet up to 1.x and classified as problematic.... Moderate Unreviewed
CVE-2016-15014 was published Jan 7, 2023
Dell EMC Avamar Server version 19.4 contains a plain-text password storage vulnerability in... Moderate Unreviewed
CVE-2021-36317 was published Dec 22, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database