Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

350 advisories

Loading
IBM Security Verify Bridge 1.0.5.0 stores user credentials in plain clear text which can be read... Moderate Unreviewed
CVE-2021-20434 was published May 24, 2022
IBM Security Verify Bridge 1.0.5.0 stores user credentials in plain clear text which can be read... Moderate Unreviewed
CVE-2021-38863 was published May 24, 2022
IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 stores user credentials... Moderate Unreviewed
CVE-2021-29811 was published May 24, 2022
When an attacker manages to get access to the local memory, or the memory dump of a victim, for... Moderate Unreviewed
CVE-2021-38150 was published May 24, 2022
Triggering an error page of the import process in Yakamara Media Redaxo CMS version 5.12.1 allows... Moderate Unreviewed
CVE-2021-39458 was published May 24, 2022
In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line,... Moderate Unreviewed
CVE-2021-28499 was published May 24, 2022
An API issue in Accessibility TCC permissions was addressed with improved state management. This... Moderate Unreviewed
CVE-2021-1873 was published May 24, 2022
A vulnerability in the CLI of Cisco Prime Infrastructure and Cisco Evolved Programmable Network ... Moderate Unreviewed
CVE-2021-34733 was published May 24, 2022
In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.9 a form contains a password field with autocomplete... Moderate Unreviewed
CVE-2021-34560 was published May 24, 2022
When curl is instructed to get content using the metalink feature, and a user name and password... Moderate Unreviewed
CVE-2021-22923 was published May 24, 2022
Unprotected Transport of Credentials vulnerability in SiteManager provisioning service allows... Moderate Unreviewed
CVE-2021-32003 was published May 24, 2022
NCH Quorum v2.03 and earlier allows local users to discover cleartext login information relating... Moderate Unreviewed
CVE-2021-37452 was published May 24, 2022
A vulnerability in the CLI interface of Cisco SD-WAN vManage Software could allow an... Moderate Unreviewed
CVE-2021-34700 was published May 24, 2022
DEPSTECH WiFi Digital Microscope 3 has a default SSID of Jetion_xxxxxxxx with a password of... Moderate Unreviewed
CVE-2020-12732 was published May 24, 2022
Insufficiently Protected Credentials vulnerability exists in EcoStruxure Control Expert (all... Moderate Unreviewed
CVE-2021-22781 was published May 24, 2022
Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.1.0.0.5.394 contain a plain-text... Moderate Unreviewed
CVE-2021-21591 was published May 24, 2022
Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.1.0.0.5.394 contain a plain-text... Moderate Unreviewed
CVE-2021-21590 was published May 24, 2022
In Zoho ManageEngine Password Manager Pro before 11.1 build 11104, attackers are able to retrieve... Moderate Unreviewed
CVE-2021-31857 was published May 24, 2022
A vulnerability in the installer software of Cisco ThousandEyes Recorder could allow an... Moderate Unreviewed
CVE-2021-1537 was published May 24, 2022
A flaw was found in Red Hat Quay, where it does not properly protect the authorization token when... Moderate Unreviewed
CVE-2020-27831 was published May 24, 2022
The Tableau integration in RSA Archer 6.4 P1 (6.4.0.1) through 6.9 P2 (6.9.0.2) is affected by an... Moderate Unreviewed
CVE-2021-29253 was published May 24, 2022
In Versa Director, Versa Analytics and VOS, Passwords are not hashed using an adaptive... Moderate Unreviewed
CVE-2019-25030 was published May 24, 2022
A remote disclosure of privileged information vulnerability was discovered in Aruba ClearPass... Moderate Unreviewed
CVE-2021-29138 was published May 24, 2022
Cloud Controller API versions prior to 1.106.0 logs service broker credentials if the default... Moderate Unreviewed
CVE-2021-22115 was published May 24, 2022
A flaw was found in atomic-openshift of openshift-4.2 where the basic-user RABC role in OpenShift... Moderate Unreviewed
CVE-2019-10225 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database