GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,135
Composer 4,081
Erlang 29
GitHub Actions 19
Go 1,909
Maven 5,106
npm 3,642
NuGet 638
pip 3,258
Pub 10
RubyGems 869
Rust 820
Swift 35

Unreviewed advisories

All unreviewed 229,008

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

792 advisories

Filter by severity

Sort by

Least recently updated

The Archer RSS feed integration for Archer 6.x through 6.9 SP1 (6.9.1.0) is affected by an... High Unreviewed

CVE-2022-26948 was published Mar 31, 2022

An issue has been discovered in GitLab affecting all versions starting from 14.6 before 14.6.5,... High Unreviewed

CVE-2022-0738 was published Mar 29, 2022

McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10 Update 13 allows a local attacker to... Moderate Unreviewed

CVE-2022-0859 was published Mar 24, 2022

A lack of password change protection vulnerability in a depreciated API of McAfee Enterprise... Moderate Unreviewed

CVE-2022-0862 was published Mar 24, 2022

Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x stores the password in plaintext in a... Moderate Unreviewed

CVE-2020-25184 was published Mar 19, 2022

Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022... Moderate Unreviewed

CVE-2022-24506 was published Mar 10, 2022

A man-in-the-middle attacker can inject false responses to the client's first few queries,... Moderate Unreviewed

CVE-2021-23222 was published Mar 4, 2022

IBM MQ Appliance 9.2 CD and 9.2 LTS local messaging users stored with a password hash that... Moderate Unreviewed

CVE-2022-22321 was published Mar 2, 2022

SangforCSClient.exe in Sangfor VDI Client 5.4.2.1006 allows attackers, when they are able to read... Moderate Unreviewed

CVE-2022-22908 was published Feb 27, 2022

Settings/network settings/wireless settings on the Alecto DVC-215IP camera version 63.1.1.173 and... High Unreviewed

CVE-2022-24610 was published Feb 25, 2022

IBM Guardium Data Encryption (GDE) 5.0.0.2 and 5.0.0.3 could allow a remote attacker to obtain... Moderate Unreviewed

CVE-2021-39026 was published Feb 19, 2022

Forms generated by JQueryForm.com before 2022-02-05 allows a remote authenticated attacker to... Moderate Unreviewed

CVE-2022-24982 was published Feb 17, 2022

A CWE-522: Insufficiently Protected Credentials vulnerability exists that could cause Sensitive... High Unreviewed

CVE-2021-22798 was published Feb 12, 2022

Insufficiently protected credentials in USB provisioning for Intel(R) AMT SDK before version 16.0... Moderate Unreviewed

CVE-2021-33107 was published Feb 11, 2022

An insufficiently protected credentials vulnerability exists in the Palo Alto Networks... Moderate Unreviewed

CVE-2022-0019 was published Feb 11, 2022

A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS... High Unreviewed

CVE-2021-40360 was published Feb 10, 2022

Dell EMC System Update, version 1.9.2 and prior, contain an Unprotected Storage of Credentials... Moderate Unreviewed

CVE-2022-22554 was published Jan 25, 2022

The web application on Agilia Link+ version 3.0 implements authentication and session management... Critical Unreviewed

CVE-2021-23196 was published Jan 22, 2022

An attacker with physical access to the host can extract the secrets from the registry and create... Moderate Unreviewed

CVE-2021-23207 was published Jan 22, 2022

Users with appropriate file access may be able to access unencrypted user credentials saved by... Moderate Unreviewed

CVE-2021-32039 was published Jan 21, 2022

Insufficiently protected credentials vulnerability in 'TEPRA' PRO SR5900P Ver.1.080 and earlier... Moderate Unreviewed

CVE-2022-0184 was published Jan 18, 2022

Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses credentials for the smb... Moderate Unreviewed

CVE-2021-20164 was published Dec 31, 2021

Trendnet AC2600 TEW-827DRU version 2.08B01 leaks information via the ftp web page. Usernames and... Moderate Unreviewed

CVE-2021-20163 was published Dec 31, 2021

Netgear RAX43 version 1.0.3.96 does not have sufficient protections to the UART interface. A... High Unreviewed

CVE-2021-20168 was published Dec 31, 2021

Netgear Nighthawk R6700 version 1.0.4.120 stores sensitive information in plaintext. All... High Unreviewed

CVE-2021-45077 was published Dec 31, 2021

Previous 1 2 … 28 29 30 31 32 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

792 advisories