GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,835
Composer 4,870
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,926
npm 4,126
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,021
Swift 39

Unreviewed advisories

All unreviewed 269,172

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,177 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Insufficiently Protected Credentials in PowerJob High

CVE-2020-28865 was published for com.github.kfcfans:powerjob (Maven) Jun 17, 2022

Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does... Moderate Unreviewed

CVE-2012-5627 was published May 17, 2022

Insufficiently protected credentials in the installation binaries for Intel(R) SEAPI in all... High Unreviewed

CVE-2022-26844 was published Aug 19, 2022

The Vangene deltaFlow E-platform does not take properly protective measures. Attackers can obtain... Critical Unreviewed

CVE-2021-28171 was published May 24, 2022

Mechanize before v2.8.5 vulnerable to authorization header leak on port redirect Moderate

CVE-2022-31033 was published for mechanize (RubyGems) Jun 9, 2022

Airangel HSMX Gateway devices through 5.2.04 have Weak SSH Credentials. Critical Unreviewed

CVE-2021-40520 was published May 24, 2022

The Credova_Financial WordPress plugin discloses a site's associated Credova API account username... Moderate Unreviewed

CVE-2021-39342 was published May 24, 2022

The Scheduler Connection component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO... High Unreviewed

CVE-2021-35495 was published May 24, 2022

In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line,... Moderate Unreviewed

CVE-2021-28499 was published May 24, 2022

On systems running Arista EOS and CloudEOS with the affected release version, when using shared... Moderate Unreviewed

CVE-2021-28496 was published May 24, 2022

In SapphireIMS 5.0, it is possible to take over an account by sending a request to the... Critical Unreviewed

CVE-2020-25566 was published May 24, 2022

MEDIA NAVI Inc SMACom v1.2 was discovered to contain an insecure session validation vulnerability... Moderate Unreviewed

CVE-2020-23036 was published May 24, 2022

In Jeedom through 4.1.19, a bug allows a remote attacker to bypass API access and retrieve users... High Unreviewed

CVE-2021-42557 was published May 24, 2022

Cleartext Storage of Sensitive Information in Memory vulnerability in Microsoft Windows client in... Low Unreviewed

CVE-2020-7299 was published May 24, 2022

Debug function of Admin UI of SAP Business One Integration is enabled by default. This allows... Moderate Unreviewed

CVE-2021-38179 was published May 24, 2022

On Crestron DM-NVX-DIR, DM-NVX-DIR80, and DM-NVX-ENT devices before the DM-XIO/1-0-3-802 patch,... High Unreviewed

CVE-2020-16839 was published May 24, 2022

An information disclosure issue exist in D-LINK-DIR-615 B2 2.01mt. An attacker can obtain a user... Moderate Unreviewed

CVE-2021-40654 was published May 24, 2022

Specific BD Pyxis™ products were installed with default credentials and may presently still... High Unreviewed

CVE-2022-22767 was published Jun 3, 2022

Credentials are printed in clear text in the IBM Spectrum Protect Plus 10.1.0.0 through 10.1.9.3... High Unreviewed

CVE-2022-22396 was published Jun 7, 2022

Dell Unity, Dell UnityVSA, and Dell Unity XT versions prior to 5.2.0.0.5.173 contain a plain-text... Moderate Unreviewed

CVE-2022-29085 was published Jun 3, 2022

An API issue in Accessibility TCC permissions was addressed with improved state management. This... Moderate Unreviewed

CVE-2021-1873 was published May 24, 2022

An issue was discovered in Nitrokey FIDO U2F firmware through 1.1. Communication between the... Critical Unreviewed

CVE-2020-12061 was published May 24, 2022

An issue was discovered in SolarWinds Serv-U before 15.2.2. Unauthenticated attackers can... High Unreviewed

CVE-2021-3154 was published May 24, 2022

DEPSTECH WiFi Digital Microscope 3 allows remote attackers to change the SSID and password, and... High Unreviewed

CVE-2020-12734 was published May 24, 2022

IBM Guardium Data Encryption (GDE) 4.0.0.4 uses an inadequate account lockout setting that could... High Unreviewed

CVE-2021-20415 was published May 24, 2022

Previous 1…45…48 Next

Previous 1 2 … 43 44 45 46 47 48 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,177 advisories