Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

792 advisories

Loading
Under some circumstances an Insufficiently Protected Credentials vulnerability in Johnson... High Unreviewed
CVE-2021-36204 was published Jan 13, 2023
Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who... Moderate Unreviewed
CVE-2022-34837 was published Aug 25, 2022
Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x stores the password in plaintext in a... Moderate Unreviewed
CVE-2020-25184 was published Mar 19, 2022
McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10 Update 13 allows a local attacker to... Moderate Unreviewed
CVE-2022-0859 was published Mar 24, 2022
An issue has been discovered in GitLab affecting all versions starting from 14.6 before 14.6.5,... High Unreviewed
CVE-2022-0738 was published Mar 29, 2022
There is a Credentials Management Errors vulnerability in Huawei Smartphone.Successful... High Unreviewed
CVE-2021-37075 was published Dec 9, 2021
The Archer RSS feed integration for Archer 6.x through 6.9 SP1 (6.9.1.0) is affected by an... High Unreviewed
CVE-2022-26948 was published Mar 31, 2022
Kyocera multifunction printers running vulnerable versions of Net View unintentionally expose... High Unreviewed
CVE-2022-1026 was published Apr 5, 2022
Zoho ManageEngine ADAudit Plus before 7055 allows authenticated Privilege Escalation on... High Unreviewed
CVE-2022-24978 was published Apr 6, 2022
An issue was discovered in Softwarebuero Zauner ARC 4.2.0.4. There is storage of Passwords in a... Moderate Unreviewed
CVE-2021-45892 was published Apr 6, 2022
The programming protocol allows for a previously entered password and lock state to be read by an... High Unreviewed
CVE-2021-32978 was published Apr 5, 2022
In JetBrains IntelliJ IDEA before 2021.3.3 it was possible to get passwords from protected fields Moderate Unreviewed
CVE-2022-28651 was published Apr 6, 2022
Philips Vue PACS versions 12.2.x.x and prior transmits or stores authentication credentials, but... High Unreviewed
CVE-2021-33024 was published Apr 3, 2022
Netgear Nighthawk R6700 version 1.0.4.120 stores sensitive information in plaintext. All... High Unreviewed
CVE-2021-45077 was published Dec 31, 2021
Netgear RAX43 version 1.0.3.96 does not have sufficient protections to the UART interface. A... High Unreviewed
CVE-2021-20168 was published Dec 31, 2021
Dell PowerScale OneFS, versions 8.2.2 and above, contain a password disclosure vulnerability. An... Moderate Unreviewed
CVE-2022-22550 was published Apr 13, 2022
Zoho ManageEngine ADSelfService Plus before 6121, ADAuditPlus 7060, Exchange Reporter Plus 5701,... High Unreviewed
CVE-2022-29457 was published Apr 19, 2022
IBM Guardium Data Encryption (GDE) 5.0.0.2 and 5.0.0.3 could allow a remote attacker to obtain... Moderate Unreviewed
CVE-2021-39026 was published Feb 19, 2022
A flaw was found in Ansible Galaxy Collections. When collections are built manually, any files in... Moderate Unreviewed
CVE-2021-3681 was published Apr 19, 2022
Dell EMC Repository Manager version 3.4.0 contains a plain-text password storage vulnerability. A... High Unreviewed
CVE-2022-26856 was published Apr 22, 2022
IBM Maximo Mobile 8.7 and 8.8 stores user credentials in plain clear text which can be read by a... Moderate Unreviewed
CVE-2022-41732 was published Nov 28, 2022
A malicious actor having access to the exported configuration file may obtain the stored... Moderate Unreviewed
CVE-2022-27179 was published Apr 21, 2022
A flaw was found in Red Hat Quay, where it does not properly protect the authorization token when... Moderate Unreviewed
CVE-2020-27831 was published May 24, 2022
A vulnerability in the disaster recovery feature of Cisco SD-WAN vManage Software could allow an... Moderate Unreviewed
CVE-2021-1589 was published May 24, 2022
Within the Open-AudIT up to version 3.5.3 application, the web interface hides SSH secrets,... Moderate Unreviewed
CVE-2021-3130 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database