Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

292 advisories

Loading
Allegro WIndows 3.3.4152.0, embeds software administrator database credentials into its binary... High Unreviewed
CVE-2021-43978 was published Dec 9, 2021
There is a Credentials Management Errors vulnerability in Huawei Smartphone.Successful... High Unreviewed
CVE-2021-37075 was published Dec 9, 2021
Parallels Remote Application Server (RAS) allows a local attacker to retrieve certain profile... High Unreviewed
CVE-2020-8968 was published Dec 18, 2021
Unprotected transport of credentials vulnerability in IDEC PLCs (FC6A Series MICROSmart All-in... High Unreviewed
CVE-2021-20826 was published Dec 25, 2021
Netgear Nighthawk R6700 version 1.0.4.120 stores sensitive information in plaintext. All... High Unreviewed
CVE-2021-45077 was published Dec 31, 2021
Netgear RAX43 version 1.0.3.96 does not have sufficient protections to the UART interface. A... High Unreviewed
CVE-2021-20168 was published Dec 31, 2021
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS... High Unreviewed
CVE-2021-40360 was published Feb 10, 2022
A CWE-522: Insufficiently Protected Credentials vulnerability exists that could cause Sensitive... High Unreviewed
CVE-2021-22798 was published Feb 12, 2022
Settings/network settings/wireless settings on the Alecto DVC-215IP camera version 63.1.1.173 and... High Unreviewed
CVE-2022-24610 was published Feb 25, 2022
An issue has been discovered in GitLab affecting all versions starting from 14.6 before 14.6.5,... High Unreviewed
CVE-2022-0738 was published Mar 29, 2022
The Archer RSS feed integration for Archer 6.x through 6.9 SP1 (6.9.1.0) is affected by an... High Unreviewed
CVE-2022-26948 was published Mar 31, 2022
Philips Vue PACS versions 12.2.x.x and prior transmits or stores authentication credentials, but... High Unreviewed
CVE-2021-33024 was published Apr 3, 2022
The programming protocol allows for a previously entered password and lock state to be read by an... High Unreviewed
CVE-2021-32978 was published Apr 5, 2022
Kyocera multifunction printers running vulnerable versions of Net View unintentionally expose... High Unreviewed
CVE-2022-1026 was published Apr 5, 2022
Zoho ManageEngine ADAudit Plus before 7055 allows authenticated Privilege Escalation on... High Unreviewed
CVE-2022-24978 was published Apr 6, 2022
Zoho ManageEngine ADSelfService Plus before 6121, ADAuditPlus 7060, Exchange Reporter Plus 5701,... High Unreviewed
CVE-2022-29457 was published Apr 19, 2022
Dell EMC Repository Manager version 3.4.0 contains a plain-text password storage vulnerability. A... High Unreviewed
CVE-2022-26856 was published Apr 22, 2022
Stolen credentials from SSH clients via ssh-agent program, allowing other local users to access... High Unreviewed
CVE-1999-0013 was published Apr 30, 2022
CGI Script Center News Update 1.1 does not properly validate the original news administration... High Unreviewed
CVE-2000-0944 was published Apr 30, 2022
admin_news.php in Archilles Newsworld up to 1.3.0 allows attackers to bypass authentication by... High Unreviewed
CVE-2005-3435 was published May 1, 2022
profile.php in ExtCalendar 2 and earlier allows remote attackers to change the passwords of... High Unreviewed
CVE-2007-0681 was published May 1, 2022
An exploitable clear text transmission of password vulnerability exists in the web server and... High Unreviewed
CVE-2017-12123 was published May 13, 2022
Unprotected storage of credentials in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and... High Unreviewed
CVE-2018-13822 was published May 13, 2022
register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1 allows remote attackers to... High Unreviewed
CVE-2017-9557 was published May 13, 2022
In pam/gkr-pam-module.c in GNOME Keyring before 3.27.2, the user's password is kept in a session... High Unreviewed
CVE-2018-20781 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database