GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,614
Composer 4,224
Erlang 31
GitHub Actions 19
Go 1,990
Maven 5,170
npm 3,706
NuGet 661
pip 3,336
Pub 11
RubyGems 884
Rust 845
Swift 36

Unreviewed advisories

All unreviewed 234,405

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

350 advisories

Filter by severity

Sort by

Least recently updated

Azure Active Directory Information Disclosure Vulnerability Moderate Unreviewed

CVE-2021-42306 was published Nov 25, 2021

An issue was discovered on Renesas RX65 and RX65N devices. With a VCC glitch, an attacker can... Moderate Unreviewed

CVE-2021-43327 was published Dec 3, 2021

An issue was discovered in Mahavitaran android application 7.50 and below, allows local attackers... Moderate Unreviewed

CVE-2020-27413 was published Dec 8, 2021

An issue was discovered on Digi TransPort devices through 2021-07-21. An authenticated attacker... Moderate Unreviewed

CVE-2021-37187 was published Dec 11, 2021

Auerswald COMpact 5500R devices before 8.2B allow Privilege Escalation via the passwd=1 substring. Moderate Unreviewed

CVE-2021-40857 was published Dec 14, 2021

A vulnerability has been identified in ModelSim Simulation (All versions), Questa Simulation (All... Moderate Unreviewed

CVE-2021-42023 was published Dec 15, 2021

GGLocker iOS application, contains an insecure data storage of the password hash value which... Moderate Unreviewed

CVE-2021-3179 was published Dec 17, 2021

KNIME Server before 4.12.6 and 4.13.x before 4.13.4 (when installed in unattended mode) keeps the... Moderate Unreviewed

CVE-2021-45097 was published Dec 17, 2021

Dell EMC Avamar versions 18.2,19.1,19.2,19.3,19.4 contain a plain-text password storage... Moderate Unreviewed

CVE-2021-36318 was published Dec 22, 2021

Dell EMC Avamar Server version 19.4 contains a plain-text password storage vulnerability in... Moderate Unreviewed

CVE-2021-36317 was published Dec 22, 2021

Trendnet AC2600 TEW-827DRU version 2.08B01 leaks information via the ftp web page. Usernames and... Moderate Unreviewed

CVE-2021-20163 was published Dec 31, 2021

Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses credentials for the smb... Moderate Unreviewed

CVE-2021-20164 was published Dec 31, 2021

Insufficiently protected credentials vulnerability in 'TEPRA' PRO SR5900P Ver.1.080 and earlier... Moderate Unreviewed

CVE-2022-0184 was published Jan 18, 2022

Users with appropriate file access may be able to access unencrypted user credentials saved by... Moderate Unreviewed

CVE-2021-32039 was published Jan 21, 2022

An attacker with physical access to the host can extract the secrets from the registry and create... Moderate Unreviewed

CVE-2021-23207 was published Jan 22, 2022

Dell EMC System Update, version 1.9.2 and prior, contain an Unprotected Storage of Credentials... Moderate Unreviewed

CVE-2022-22554 was published Jan 25, 2022

An insufficiently protected credentials vulnerability exists in the Palo Alto Networks... Moderate Unreviewed

CVE-2022-0019 was published Feb 11, 2022

Insufficiently protected credentials in USB provisioning for Intel(R) AMT SDK before version 16.0... Moderate Unreviewed

CVE-2021-33107 was published Feb 11, 2022

Forms generated by JQueryForm.com before 2022-02-05 allows a remote authenticated attacker to... Moderate Unreviewed

CVE-2022-24982 was published Feb 17, 2022

IBM Guardium Data Encryption (GDE) 5.0.0.2 and 5.0.0.3 could allow a remote attacker to obtain... Moderate Unreviewed

CVE-2021-39026 was published Feb 19, 2022

SangforCSClient.exe in Sangfor VDI Client 5.4.2.1006 allows attackers, when they are able to read... Moderate Unreviewed

CVE-2022-22908 was published Feb 27, 2022

IBM MQ Appliance 9.2 CD and 9.2 LTS local messaging users stored with a password hash that... Moderate Unreviewed

CVE-2022-22321 was published Mar 2, 2022

A man-in-the-middle attacker can inject false responses to the client's first few queries,... Moderate Unreviewed

CVE-2021-23222 was published Mar 4, 2022

Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022... Moderate Unreviewed

CVE-2022-24506 was published Mar 10, 2022

Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x stores the password in plaintext in a... Moderate Unreviewed

CVE-2020-25184 was published Mar 19, 2022

Previous 1 2 3 4 5 … 13 14 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

350 advisories