GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,498

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

817 advisories

Filter by severity

Sort by

Least recently updated

Azure Active Directory Information Disclosure Vulnerability Moderate Unreviewed

CVE-2021-42306 was published Nov 25, 2021

An issue was discovered on Renesas RX65 and RX65N devices. With a VCC glitch, an attacker can... Moderate Unreviewed

CVE-2021-43327 was published Dec 3, 2021

An issue was discovered in Mahavitaran android application 7.50 and below, allows local attackers... Moderate Unreviewed

CVE-2020-27413 was published Dec 8, 2021

Allegro WIndows 3.3.4152.0, embeds software administrator database credentials into its binary... High Unreviewed

CVE-2021-43978 was published Dec 9, 2021

There is a Credentials Management Errors vulnerability in Huawei Smartphone.Successful... High Unreviewed

CVE-2021-37075 was published Dec 9, 2021

An unprotected ssh private key exists on the Gryphon devices which could be used to achieve root... Critical Unreviewed

CVE-2021-20146 was published Dec 10, 2021

An issue was discovered on Digi TransPort devices through 2021-07-21. An authenticated attacker... Moderate Unreviewed

CVE-2021-37187 was published Dec 11, 2021

Auerswald COMpact 5500R devices before 8.2B allow Privilege Escalation via the passwd=1 substring. Moderate Unreviewed

CVE-2021-40857 was published Dec 14, 2021

A vulnerability has been identified in ModelSim Simulation (All versions), Questa Simulation (All... Moderate Unreviewed

CVE-2021-42023 was published Dec 15, 2021

GGLocker iOS application, contains an insecure data storage of the password hash value which... Moderate Unreviewed

CVE-2021-3179 was published Dec 17, 2021

KNIME Server before 4.12.6 and 4.13.x before 4.13.4 (when installed in unattended mode) keeps the... Moderate Unreviewed

CVE-2021-45097 was published Dec 17, 2021

Parallels Remote Application Server (RAS) allows a local attacker to retrieve certain profile... High Unreviewed

CVE-2020-8968 was published Dec 18, 2021

Dell EMC Avamar versions 18.2,19.1,19.2,19.3,19.4 contain a plain-text password storage... Moderate Unreviewed

CVE-2021-36318 was published Dec 22, 2021

Dell EMC Avamar Server version 19.4 contains a plain-text password storage vulnerability in... Moderate Unreviewed

CVE-2021-36317 was published Dec 22, 2021

Unprotected transport of credentials vulnerability in IDEC PLCs (FC6A Series MICROSmart All-in... High Unreviewed

CVE-2021-20826 was published Dec 25, 2021

An attacker may obtain the user credentials from file servers, backup repositories, or ZLD files... Critical Unreviewed

CVE-2021-37401 was published Dec 29, 2021

An attacker may obtain the user credentials from the communication between the PLC and the... Critical Unreviewed

CVE-2021-37400 was published Dec 29, 2021

Netgear Nighthawk R6700 version 1.0.4.120 stores sensitive information in plaintext. All... High Unreviewed

CVE-2021-45077 was published Dec 31, 2021

Netgear RAX43 version 1.0.3.96 does not have sufficient protections to the UART interface. A... High Unreviewed

CVE-2021-20168 was published Dec 31, 2021

Trendnet AC2600 TEW-827DRU version 2.08B01 leaks information via the ftp web page. Usernames and... Moderate Unreviewed

CVE-2021-20163 was published Dec 31, 2021

Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses credentials for the smb... Moderate Unreviewed

CVE-2021-20164 was published Dec 31, 2021

Insufficiently protected credentials vulnerability in 'TEPRA' PRO SR5900P Ver.1.080 and earlier... Moderate Unreviewed

CVE-2022-0184 was published Jan 18, 2022

Users with appropriate file access may be able to access unencrypted user credentials saved by... Moderate Unreviewed

CVE-2021-32039 was published Jan 21, 2022

An attacker with physical access to the host can extract the secrets from the registry and create... Moderate Unreviewed

CVE-2021-23207 was published Jan 22, 2022

The web application on Agilia Link+ version 3.0 implements authentication and session management... Critical Unreviewed

CVE-2021-23196 was published Jan 22, 2022

Previous 1 2 3 4 5 … 32 33 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

817 advisories