GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
350 advisories
A malicious authenticated SMG administrator user can obtain passwords for external LDAP/Active...
Moderate | Unreviewed | CVE-2021-30651 was published Jun 25, 2022

An information disclosure vulnerability exists in the License registration functionality of...
Moderate | Unreviewed | CVE-2022-21184 was published Jun 18, 2022

A lack of password masking in Devolutions Remote Desktop Manager allows physically proximate...
Moderate | Unreviewed | CVE-2022-1342 was published Jun 16, 2022

A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6),...
Moderate | Unreviewed | CVE-2022-30231 was published Jun 15, 2022

An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82...
Moderate | Unreviewed | CVE-2022-27774 was published Jun 3, 2022

A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak...
Moderate | Unreviewed | CVE-2022-27776 was published Jun 3, 2022

Dell Unity, Dell UnityVSA, and Dell Unity XT versions prior to 5.2.0.0.5.173 contain a plain-text...
Moderate | Unreviewed | CVE-2022-29085 was published Jun 3, 2022

The sensitive information of webcam device is not properly protected. Remote attackers can...
Moderate | Unreviewed | CVE-2021-30169 was published May 24, 2022

In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, an information disclosure...
Moderate | Unreviewed | CVE-2020-27258 was published May 24, 2022

A flaw was found in ceph-dashboard. The JSON Web Token (JWT) used for user authentication is...
Moderate | Unreviewed | CVE-2020-27839 was published May 24, 2022

Clear text password in browser in Micro Focus Service Manager product versions 9.30, 9.31, 9.32,...
Moderate | Unreviewed | CVE-2019-11664 was published May 24, 2022

Clear text credentials are used to access managers app in Tomcat in Micro Focus Service Manager...
Moderate | Unreviewed | CVE-2019-11663 was published May 24, 2022

IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 stores user credentials in plain clear...
Moderate | Unreviewed | CVE-2021-38976 was published May 24, 2022

In GNU Mailman before 2.1.36, the CSRF token for the Cgi/admindb.py admindb page contains an...
Moderate | Unreviewed | CVE-2021-43332 was published May 24, 2022

Thunderbird ignored the configuration to require STARTTLS security for an SMTP connection. A MITM...
Moderate | Unreviewed | CVE-2021-38502 was published May 24, 2022

A unprotected storage of credentials in Fortinet FortiSIEM Windows Agent version 4.1.4 and below...
Moderate | Unreviewed | CVE-2021-41023 was published May 24, 2022

MEDIA NAVI Inc SMACom v1.2 was discovered to contain an insecure session validation vulnerability...
Moderate | Unreviewed | CVE-2020-23036 was published May 24, 2022

On systems running Arista EOS and CloudEOS with the affected release version, when using shared...
Moderate | Unreviewed | CVE-2021-28496 was published May 24, 2022

Debug function of Admin UI of SAP Business One Integration is enabled by default. This allows...
Moderate | Unreviewed | CVE-2021-38179 was published May 24, 2022

A insufficiently protected credentials in Fortinet FortiSDNConnector version 1.1.7 and below...
Moderate | Unreviewed | CVE-2021-36178 was published May 24, 2022

Dell Enterprise SONiC OS, versions 3.3.0 and earlier, contains a sensitive information disclosure...
Moderate | Unreviewed | CVE-2021-36309 was published May 24, 2022

The Credova_Financial WordPress plugin discloses a site's associated Credova API account username...
Moderate | Unreviewed | CVE-2021-39342 was published May 24, 2022

Dell BIOS contains a Credentials Management issue. A local authenticated malicious user may...
Moderate | Unreviewed | CVE-2021-21522 was published May 24, 2022

An information disclosure issue exist in D-LINK-DIR-615 B2 2.01mt. An attacker can obtain a user...
Moderate | Unreviewed | CVE-2021-40654 was published May 24, 2022

A vulnerability in the disaster recovery feature of Cisco SD-WAN vManage Software could allow an...
Moderate | Unreviewed | CVE-2021-1589 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API