GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
448 advisories
Filter by severity
BigFix Web Reports authorized users may see SMTP credentials in clear text.
Moderate
Unreviewed
CVE-2022-27544
was published
Jul 20, 2022
VMware Workstation (16.x prior to 16.2.4) contains an unprotected storage of credentials...
Moderate
Unreviewed
CVE-2022-22983
was published
Aug 11, 2022
An attacker with physical access to the host can extract the secrets from the registry and create...
Moderate
Unreviewed
CVE-2021-23207
was published
Jan 22, 2022
The default password for the web application’s root user (the vendor’s private account) was weak...
Moderate
Unreviewed
CVE-2022-1666
was published
Jun 25, 2022
HCL Launch stores user credentials in plain clear text which can be read by a local user.
Moderate
Unreviewed
CVE-2022-27548
was published
Jul 7, 2022
Information Exposure vulnerability in My Account Settings of Devolutions Remote Desktop Manager...
Moderate
Unreviewed
CVE-2022-2221
was published
Jun 28, 2022
IBM Robotic Process Automation 21.0.1 and 21.0.2 could allow a user with psychical access to the...
Moderate
Unreviewed
CVE-2022-33953
was published
Jun 25, 2022
A malicious authenticated SMG administrator user can obtain passwords for external LDAP/Active...
Moderate
Unreviewed
CVE-2021-30651
was published
Jun 25, 2022
An information disclosure vulnerability exists in the License registration functionality of...
Moderate
Unreviewed
CVE-2022-21184
was published
Jun 18, 2022
Insufficiently protected credentials in the Intel(R) Team Blue mobile application in all versions...
Moderate
Unreviewed
CVE-2022-29507
was published
Aug 19, 2022
A lack of password masking in Devolutions Remote Desktop Manager allows physically proximate...
Moderate
Unreviewed
CVE-2022-1342
was published
Jun 16, 2022
A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6),...
Moderate
Unreviewed
CVE-2022-30231
was published
Jun 15, 2022
Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does...
Moderate
Unreviewed
CVE-2012-5627
was published
May 17, 2022
Mechanize before v2.8.5 vulnerable to authorization header leak on port redirect
Moderate
CVE-2022-31033
was published
for
mechanize
(RubyGems)
Jun 9, 2022
The Credova_Financial WordPress plugin discloses a site's associated Credova API account username...
Moderate
Unreviewed
CVE-2021-39342
was published
May 24, 2022
A vulnerability in the storage of proxy server credentials of Cisco Firepower Management Center ...
Moderate
Unreviewed
CVE-2021-1126
was published
May 24, 2022
In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line,...
Moderate
Unreviewed
CVE-2021-28499
was published
May 24, 2022
On systems running Arista EOS and CloudEOS with the affected release version, when using shared...
Moderate
Unreviewed
CVE-2021-28496
was published
May 24, 2022
When an attacker manages to get access to the local memory, or the memory dump of a victim, for...
Moderate
Unreviewed
CVE-2021-38150
was published
May 24, 2022
MEDIA NAVI Inc SMACom v1.2 was discovered to contain an insecure session validation vulnerability...
Moderate
Unreviewed
CVE-2020-23036
was published
May 24, 2022
Debug function of Admin UI of SAP Business One Integration is enabled by default. This allows...
Moderate
Unreviewed
CVE-2021-38179
was published
May 24, 2022
An information disclosure issue exist in D-LINK-DIR-615 B2 2.01mt. An attacker can obtain a user...
Moderate
Unreviewed
CVE-2021-40654
was published
May 24, 2022
Dell Unity, Dell UnityVSA, and Dell Unity XT versions prior to 5.2.0.0.5.173 contain a plain-text...
Moderate
Unreviewed
CVE-2022-29085
was published
Jun 3, 2022
An API issue in Accessibility TCC permissions was addressed with improved state management. This...
Moderate
Unreviewed
CVE-2021-1873
was published
May 24, 2022
Unprotected Transport of Credentials vulnerability in SiteManager provisioning service allows...
Moderate
Unreviewed
CVE-2021-32003
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API