GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
448 advisories
Filter by severity
The J-BusinessDirectory extension before 5.2.9 for Joomla! allows Reverse Tabnabbing. In some...
Moderate
Unreviewed
CVE-2020-5182
was published
May 24, 2022
Password stored in plain text by Applatix Plugin
Moderate
CVE-2020-2133
was published
for
com.applatix.jenkins:applatix
(Maven)
May 24, 2022
Some Dahua software products have a vulnerability of unauthenticated request of AES crypto key....
Moderate
Unreviewed
CVE-2022-45424
was published
Dec 27, 2022
In JetBrains TeamCity before 2019.1.5, reverse tabnabbing was possible on several pages.
Moderate
Unreviewed
CVE-2020-7908
was published
May 24, 2022
An issue was discovered in EyesOfNetwork 5.3. The installation uses the same API key (hardcoded...
Moderate
Unreviewed
CVE-2020-8657
was published
May 24, 2022
An authorization issue was discovered in the Credential Manager feature in Zoho ManageEngine...
Moderate
Unreviewed
CVE-2020-8422
was published
May 24, 2022
An issue was discovered in Serpico (aka SimplE RePort wrIting and CollaboratiOn tool) 1.3.0. An...
Moderate
Unreviewed
CVE-2019-19857
was published
May 24, 2022
An information exposure vulnerability in the external authentication profile form of FortiSIEM 5...
Moderate
Unreviewed
CVE-2019-6700
was published
May 24, 2022
An issue was discovered on Cayin SMP-PRO4 devices. A user can discover a saved password by...
Moderate
Unreviewed
CVE-2020-6954
was published
May 24, 2022
USG9500 with software of V500R001C30SPC100; V500R001C30SPC200; V500R001C30SPC600;...
Moderate
Unreviewed
CVE-2020-1871
was published
May 24, 2022
Barco ClickShare Button R9861500D01 devices before 1.9.0 have incorrect Credentials Management....
Moderate
Unreviewed
CVE-2019-18832
was published
May 24, 2022
An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. The firmware...
Moderate
Unreviewed
CVE-2019-15801
was published
May 24, 2022
In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.9 a form contains a password field with autocomplete...
Moderate
Unreviewed
CVE-2021-34560
was published
May 24, 2022
Plex Media Server 1.18.2.2029-36236cc4c allows remote attackers to bypass intended access control...
Moderate
Unreviewed
CVE-2018-21031
was published
May 24, 2022
An issue was discovered in Grafana 5.4.0. Passwords for data sources used by Grafana (e.g., MySQL...
Moderate
Unreviewed
CVE-2019-15635
was published
May 24, 2022
LogMeIn LastPass before 4.33.0 allows attackers to construct a crafted web site that captures the...
Moderate
Unreviewed
CVE-2019-16371
was published
May 24, 2022
IBM Security Verify Governance, Identity Manager 10.0.1 stores user credentials in plain clear...
Moderate
Unreviewed
CVE-2022-22458
was published
Dec 23, 2022
Insufficiently Protected Credentials vulnerability in the remote backups application on Western...
Moderate
Unreviewed
CVE-2022-29839
was published
Dec 9, 2022
A vulnerability has been identified in SCALANCE X-200 (All Versions < V5.2.4), SCALANCE X-200IRT ...
Moderate
Unreviewed
CVE-2019-6567
was published
May 24, 2022
Insufficiently protected credentials for Intel(R) AMT and Intel(R) Standard Manageability may...
Moderate
Unreviewed
CVE-2022-30944
was published
Aug 19, 2022
Dell EMC Avamar Server version 19.4 contains a plain-text password storage vulnerability in...
Moderate
Unreviewed
CVE-2021-36317
was published
Dec 22, 2021
A vulnerability has been found in CESNET theme-cesnet up to 1.x and classified as problematic....
Moderate
Unreviewed
CVE-2016-15014
was published
Jan 7, 2023
The Test LDAP Users functionality in Liferay Portal 7.0.0 through 7.4.3.4, and Liferay DXP 7.0...
Moderate
Unreviewed
CVE-2022-42132
was published
Nov 15, 2022
Fortify Plugin stored credentials in plain text
Moderate
CVE-2020-2107
was published
for
org.jenkins-ci.plugins:fortify
(Maven)
May 24, 2022
IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is vulnerable to insufficiently...
Moderate
Unreviewed
CVE-2022-33169
was published
Aug 2, 2022
ProTip!
Advisories are also available from the
GraphQL API