GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,903
Maven: 5,000+
npm: 3,632
NuGet: 638
pip: 3,249
Pub: 10
RubyGems: 864
Rust: 818
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
282 advisories
Credentials are printed in clear text in the IBM Spectrum Protect Plus 10.1.0.0 through 10.1.9.3...
High | Unreviewed | CVE-2022-22396 was published Jun 7, 2022

Specific BD Pyxis™ products were installed with default credentials and may presently still...
High | Unreviewed | CVE-2022-22767 was published Jun 3, 2022

PowerStore contains Plain-Text Password Storage Vulnerability in PowerStore X & T environments...
High | Unreviewed | CVE-2022-22557 was published Jun 3, 2022

An issue was discovered on XIAOMI AI speaker MDZ-25-DT 1.34.36, and 1.40.14. Attackers can get...
High | Unreviewed | CVE-2020-8994 was published May 24, 2022

An information disclosure vulnerability exists in SAP GUI for Windows - versions < 7.60 PL13, 7...
High | Unreviewed | CVE-2021-40503 was published May 24, 2022

Information exposure through process environment vulnerability in Synology Calendar before 2.3.3...
High | Unreviewed | CVE-2019-11820 was published May 24, 2022

A vulnerability in specific versions of Zyxel NBG6818, NBG7815, WSQ20, WSQ50, WSQ60, and WSR30...
High | Unreviewed | CVE-2021-35033 was published May 24, 2022

A vulnerability was reported in some Motorola-branded Binatone Hubble Cameras that could allow an...
High | Unreviewed | CVE-2021-3787 was published May 24, 2022

In Jeedom through 4.1.19, a bug allows a remote attacker to bypass API access and retrieve users...
High | Unreviewed | CVE-2021-42557 was published May 24, 2022

Windows AppContainer Elevation Of Privilege Vulnerability
High | Unreviewed | CVE-2021-40476 was published May 24, 2022

A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2...
High | Unreviewed | CVE-2021-38460 was published May 24, 2022

The Scheduler Connection component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO...
High | Unreviewed | CVE-2021-35495 was published May 24, 2022

Information disclosure: The main configuration, including users and their hashed passwords, is...
High | Unreviewed | CVE-2021-23858 was published May 24, 2022

ECOA BAS controller is vulnerable to weak access control mechanism allowing authenticated user to...
High | Unreviewed | CVE-2021-41297 was published May 24, 2022

An information disclosure issue exists in D-LINK-DIR-605 B2 Firmware Version : 2.01MT. An attacker...
High | Unreviewed | CVE-2021-40655 was published May 24, 2022

In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line,...
High | Unreviewed | CVE-2021-28498 was published May 24, 2022

Certain NetModule devices have Insecure Password Handling (cleartext or reversible encryption),...
High | Unreviewed | CVE-2021-39289 was published May 24, 2022

Insufficiently Protected Credentials vulnerability in client environment of Hitachi ABB Power...
High | Unreviewed | CVE-2021-35529 was published May 24, 2022

Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers...
High | Unreviewed | CVE-2021-38165 was published May 24, 2022

Ypsomed mylife Cloud, mylife Mobile Application:Ypsomed mylife Cloud,All versions prior to 1.7.2...
High | Unreviewed | CVE-2021-27491 was published May 24, 2022

Ypsomed mylife Cloud, mylife Mobile Application:Ypsomed mylife Cloud,All versions prior to 1.7.2...
High | Unreviewed | CVE-2021-27495 was published May 24, 2022

On Crestron DM-NVX-DIR, DM-NVX-DIR80, and DM-NVX-ENT devices before the DM-XIO/1-0-3-802 patch,...
High | Unreviewed | CVE-2020-16839 was published May 24, 2022

Dell EMC Repository Manager (DRM) version 3.2 contains a plain-text password storage...
High | Unreviewed | CVE-2020-5315 was published May 24, 2022

DEPSTECH WiFi Digital Microscope 3 allows remote attackers to change the SSID and password, and...
High | Unreviewed | CVE-2020-12734 was published May 24, 2022

IBM Security Access Manager 9.0 and IBM Security Verify Access Docker 10.0.0 stores user...
High | Unreviewed | CVE-2021-20439 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API