GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
792 advisories
Filter by severity
The Archer RSS feed integration for Archer 6.x through 6.9 SP1 (6.9.1.0) is affected by an...
High
Unreviewed
CVE-2022-26948
was published
Mar 31, 2022
An issue has been discovered in GitLab affecting all versions starting from 14.6 before 14.6.5,...
High
Unreviewed
CVE-2022-0738
was published
Mar 29, 2022
McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10 Update 13 allows a local attacker to...
Moderate
Unreviewed
CVE-2022-0859
was published
Mar 24, 2022
A lack of password change protection vulnerability in a depreciated API of McAfee Enterprise...
Moderate
Unreviewed
CVE-2022-0862
was published
Mar 24, 2022
Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x stores the password in plaintext in a...
Moderate
Unreviewed
CVE-2020-25184
was published
Mar 19, 2022
Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022...
Moderate
Unreviewed
CVE-2022-24506
was published
Mar 10, 2022
A man-in-the-middle attacker can inject false responses to the client's first few queries,...
Moderate
Unreviewed
CVE-2021-23222
was published
Mar 4, 2022
IBM MQ Appliance 9.2 CD and 9.2 LTS local messaging users stored with a password hash that...
Moderate
Unreviewed
CVE-2022-22321
was published
Mar 2, 2022
SangforCSClient.exe in Sangfor VDI Client 5.4.2.1006 allows attackers, when they are able to read...
Moderate
Unreviewed
CVE-2022-22908
was published
Feb 27, 2022
Settings/network settings/wireless settings on the Alecto DVC-215IP camera version 63.1.1.173 and...
High
Unreviewed
CVE-2022-24610
was published
Feb 25, 2022
IBM Guardium Data Encryption (GDE) 5.0.0.2 and 5.0.0.3 could allow a remote attacker to obtain...
Moderate
Unreviewed
CVE-2021-39026
was published
Feb 19, 2022
Forms generated by JQueryForm.com before 2022-02-05 allows a remote authenticated attacker to...
Moderate
Unreviewed
CVE-2022-24982
was published
Feb 17, 2022
A CWE-522: Insufficiently Protected Credentials vulnerability exists that could cause Sensitive...
High
Unreviewed
CVE-2021-22798
was published
Feb 12, 2022
Insufficiently protected credentials in USB provisioning for Intel(R) AMT SDK before version 16.0...
Moderate
Unreviewed
CVE-2021-33107
was published
Feb 11, 2022
An insufficiently protected credentials vulnerability exists in the Palo Alto Networks...
Moderate
Unreviewed
CVE-2022-0019
was published
Feb 11, 2022
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS...
High
Unreviewed
CVE-2021-40360
was published
Feb 10, 2022
Dell EMC System Update, version 1.9.2 and prior, contain an Unprotected Storage of Credentials...
Moderate
Unreviewed
CVE-2022-22554
was published
Jan 25, 2022
The web application on Agilia Link+ version 3.0 implements authentication and session management...
Critical
Unreviewed
CVE-2021-23196
was published
Jan 22, 2022
An attacker with physical access to the host can extract the secrets from the registry and create...
Moderate
Unreviewed
CVE-2021-23207
was published
Jan 22, 2022
Users with appropriate file access may be able to access unencrypted user credentials saved by...
Moderate
Unreviewed
CVE-2021-32039
was published
Jan 21, 2022
Insufficiently protected credentials vulnerability in 'TEPRA' PRO SR5900P Ver.1.080 and earlier...
Moderate
Unreviewed
CVE-2022-0184
was published
Jan 18, 2022
Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses credentials for the smb...
Moderate
Unreviewed
CVE-2021-20164
was published
Dec 31, 2021
Trendnet AC2600 TEW-827DRU version 2.08B01 leaks information via the ftp web page. Usernames and...
Moderate
Unreviewed
CVE-2021-20163
was published
Dec 31, 2021
Netgear RAX43 version 1.0.3.96 does not have sufficient protections to the UART interface. A...
High
Unreviewed
CVE-2021-20168
was published
Dec 31, 2021
Netgear Nighthawk R6700 version 1.0.4.120 stores sensitive information in plaintext. All...
High
Unreviewed
CVE-2021-45077
was published
Dec 31, 2021
ProTip!
Advisories are also available from the
GraphQL API