GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,350
Composer 4,134
Erlang 29
GitHub Actions 19
Go 1,941
Maven 5,135
npm 3,681
NuGet 650
pip 3,298
Pub 11
RubyGems 877
Rust 830
Swift 35

Unreviewed advisories

All unreviewed 231,417

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

448 advisories

Filter by severity

Sort by

Least recently updated

BigFix Web Reports authorized users may see SMTP credentials in clear text. Moderate Unreviewed

CVE-2022-27544 was published Jul 20, 2022

VMware Workstation (16.x prior to 16.2.4) contains an unprotected storage of credentials... Moderate Unreviewed

CVE-2022-22983 was published Aug 11, 2022

An attacker with physical access to the host can extract the secrets from the registry and create... Moderate Unreviewed

CVE-2021-23207 was published Jan 22, 2022

The default password for the web application’s root user (the vendor’s private account) was weak... Moderate Unreviewed

CVE-2022-1666 was published Jun 25, 2022

HCL Launch stores user credentials in plain clear text which can be read by a local user. Moderate Unreviewed

CVE-2022-27548 was published Jul 7, 2022

Information Exposure vulnerability in My Account Settings of Devolutions Remote Desktop Manager... Moderate Unreviewed

CVE-2022-2221 was published Jun 28, 2022

IBM Robotic Process Automation 21.0.1 and 21.0.2 could allow a user with psychical access to the... Moderate Unreviewed

CVE-2022-33953 was published Jun 25, 2022

A malicious authenticated SMG administrator user can obtain passwords for external LDAP/Active... Moderate Unreviewed

CVE-2021-30651 was published Jun 25, 2022

An information disclosure vulnerability exists in the License registration functionality of... Moderate Unreviewed

CVE-2022-21184 was published Jun 18, 2022

Insufficiently protected credentials in the Intel(R) Team Blue mobile application in all versions... Moderate Unreviewed

CVE-2022-29507 was published Aug 19, 2022

A lack of password masking in Devolutions Remote Desktop Manager allows physically proximate... Moderate Unreviewed

CVE-2022-1342 was published Jun 16, 2022

A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6),... Moderate Unreviewed

CVE-2022-30231 was published Jun 15, 2022

Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does... Moderate Unreviewed

CVE-2012-5627 was published May 17, 2022

Mechanize before v2.8.5 vulnerable to authorization header leak on port redirect Moderate

CVE-2022-31033 was published for mechanize (RubyGems) Jun 9, 2022

The Credova_Financial WordPress plugin discloses a site's associated Credova API account username... Moderate Unreviewed

CVE-2021-39342 was published May 24, 2022

A vulnerability in the storage of proxy server credentials of Cisco Firepower Management Center ... Moderate Unreviewed

CVE-2021-1126 was published May 24, 2022

In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line,... Moderate Unreviewed

CVE-2021-28499 was published May 24, 2022

On systems running Arista EOS and CloudEOS with the affected release version, when using shared... Moderate Unreviewed

CVE-2021-28496 was published May 24, 2022

When an attacker manages to get access to the local memory, or the memory dump of a victim, for... Moderate Unreviewed

CVE-2021-38150 was published May 24, 2022

MEDIA NAVI Inc SMACom v1.2 was discovered to contain an insecure session validation vulnerability... Moderate Unreviewed

CVE-2020-23036 was published May 24, 2022

Debug function of Admin UI of SAP Business One Integration is enabled by default. This allows... Moderate Unreviewed

CVE-2021-38179 was published May 24, 2022

An information disclosure issue exist in D-LINK-DIR-615 B2 2.01mt. An attacker can obtain a user... Moderate Unreviewed

CVE-2021-40654 was published May 24, 2022

Dell Unity, Dell UnityVSA, and Dell Unity XT versions prior to 5.2.0.0.5.173 contain a plain-text... Moderate Unreviewed

CVE-2022-29085 was published Jun 3, 2022

An API issue in Accessibility TCC permissions was addressed with improved state management. This... Moderate Unreviewed

CVE-2021-1873 was published May 24, 2022

Unprotected Transport of Credentials vulnerability in SiteManager provisioning service allows... Moderate Unreviewed

CVE-2021-32003 was published May 24, 2022

Previous 1 2 … 14 15 16 17 18 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

448 advisories