GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,135
Composer 4,081
Erlang 29
GitHub Actions 19
Go 1,909
Maven 5,106
npm 3,642
NuGet 638
pip 3,258
Pub 10
RubyGems 869
Rust 820
Swift 35

Unreviewed advisories

All unreviewed 229,007

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

331 advisories

Filter by severity

Sort by

Least recently updated

HCL Commerce's Remote Store server could allow a local attacker to obtain sensitive personal... Moderate Unreviewed

CVE-2021-27785 was published Jul 31, 2022

BigFix Web Reports authorized users may see SMTP credentials in clear text. Moderate Unreviewed

CVE-2022-27544 was published Jul 20, 2022

HCL Launch stores user credentials in plain clear text which can be read by a local user. Moderate Unreviewed

CVE-2022-27548 was published Jul 7, 2022

Information Exposure vulnerability in My Account Settings of Devolutions Remote Desktop Manager... Moderate Unreviewed

CVE-2022-2221 was published Jun 28, 2022

IBM Robotic Process Automation 21.0.1 and 21.0.2 could allow a user with psychical access to the... Moderate Unreviewed

CVE-2022-33953 was published Jun 25, 2022

A malicious authenticated SMG administrator user can obtain passwords for external LDAP/Active... Moderate Unreviewed

CVE-2021-30651 was published Jun 25, 2022

The default password for the web application’s root user (the vendor’s private account) was weak... Moderate Unreviewed

CVE-2022-1666 was published Jun 25, 2022

An information disclosure vulnerability exists in the License registration functionality of... Moderate Unreviewed

CVE-2022-21184 was published Jun 18, 2022

A lack of password masking in Devolutions Remote Desktop Manager allows physically proximate... Moderate Unreviewed

CVE-2022-1342 was published Jun 16, 2022

A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6),... Moderate Unreviewed

CVE-2022-30231 was published Jun 15, 2022

An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82... Moderate Unreviewed

CVE-2022-27774 was published Jun 3, 2022

A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak... Moderate Unreviewed

CVE-2022-27776 was published Jun 3, 2022

Dell Unity, Dell UnityVSA, and Dell Unity XT versions prior to 5.2.0.0.5.173 contain a plain-text... Moderate Unreviewed

CVE-2022-29085 was published Jun 3, 2022

The sensitive information of webcam device is not properly protected. Remote attackers can... Moderate Unreviewed

CVE-2021-30169 was published May 24, 2022

In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, an information disclosure... Moderate Unreviewed

CVE-2020-27258 was published May 24, 2022

A flaw was found in ceph-dashboard. The JSON Web Token (JWT) used for user authentication is... Moderate Unreviewed

CVE-2020-27839 was published May 24, 2022

Clear text credentials are used to access managers app in Tomcat in Micro Focus Service Manager... Moderate Unreviewed

CVE-2019-11663 was published May 24, 2022

Clear text password in browser in Micro Focus Service Manager product versions 9.30, 9.31, 9.32,... Moderate Unreviewed

CVE-2019-11664 was published May 24, 2022

IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 stores user credentials in plain clear... Moderate Unreviewed

CVE-2021-38976 was published May 24, 2022

In GNU Mailman before 2.1.36, the CSRF token for the Cgi/admindb.py admindb page contains an... Moderate Unreviewed

CVE-2021-43332 was published May 24, 2022

Thunderbird ignored the configuration to require STARTTLS security for an SMTP connection. A MITM... Moderate Unreviewed

CVE-2021-38502 was published May 24, 2022

A unprotected storage of credentials in Fortinet FortiSIEM Windows Agent version 4.1.4 and below... Moderate Unreviewed

CVE-2021-41023 was published May 24, 2022

MEDIA NAVI Inc SMACom v1.2 was discovered to contain an insecure session validation vulnerability... Moderate Unreviewed

CVE-2020-23036 was published May 24, 2022

On systems running Arista EOS and CloudEOS with the affected release version, when using shared... Moderate Unreviewed

CVE-2021-28496 was published May 24, 2022

Debug function of Admin UI of SAP Business One Integration is enabled by default. This allows... Moderate Unreviewed

CVE-2021-38179 was published May 24, 2022

Previous 1 2 3 4 5 6 7 … 13 14 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

331 advisories