Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

292 advisories

Loading
Under some circumstances an Insufficiently Protected Credentials vulnerability in Johnson... High Unreviewed
CVE-2021-36204 was published Jan 13, 2023
An issue has been discovered in GitLab affecting all versions starting from 14.6 before 14.6.5,... High Unreviewed
CVE-2022-0738 was published Mar 29, 2022
There is a Credentials Management Errors vulnerability in Huawei Smartphone.Successful... High Unreviewed
CVE-2021-37075 was published Dec 9, 2021
The Archer RSS feed integration for Archer 6.x through 6.9 SP1 (6.9.1.0) is affected by an... High Unreviewed
CVE-2022-26948 was published Mar 31, 2022
Kyocera multifunction printers running vulnerable versions of Net View unintentionally expose... High Unreviewed
CVE-2022-1026 was published Apr 5, 2022
Zoho ManageEngine ADAudit Plus before 7055 allows authenticated Privilege Escalation on... High Unreviewed
CVE-2022-24978 was published Apr 6, 2022
The programming protocol allows for a previously entered password and lock state to be read by an... High Unreviewed
CVE-2021-32978 was published Apr 5, 2022
Philips Vue PACS versions 12.2.x.x and prior transmits or stores authentication credentials, but... High Unreviewed
CVE-2021-33024 was published Apr 3, 2022
Netgear Nighthawk R6700 version 1.0.4.120 stores sensitive information in plaintext. All... High Unreviewed
CVE-2021-45077 was published Dec 31, 2021
Netgear RAX43 version 1.0.3.96 does not have sufficient protections to the UART interface. A... High Unreviewed
CVE-2021-20168 was published Dec 31, 2021
Zoho ManageEngine ADSelfService Plus before 6121, ADAuditPlus 7060, Exchange Reporter Plus 5701,... High Unreviewed
CVE-2022-29457 was published Apr 19, 2022
Dell EMC Repository Manager version 3.4.0 contains a plain-text password storage vulnerability. A... High Unreviewed
CVE-2022-26856 was published Apr 22, 2022
The Web server in 1C:Enterprise 8 before 8.3.17.1851 sends base64 encoded credentials in the... High Unreviewed
CVE-2021-3131 was published May 24, 2022
The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to obtain... High Unreviewed
CVE-2020-35455 was published May 24, 2022
There is a Credentials Management Errors Vulnerability in Huawei Smartphone. Successful... High Unreviewed
CVE-2021-22351 was published May 24, 2022
There is a Credentials Management Errors vulnerability in Huawei Smartphone. Successful... High Unreviewed
CVE-2021-22324 was published May 24, 2022
The D-Link router DIR-880L 1.07 is vulnerable to credentials disclosure in telnet service through... High Unreviewed
CVE-2020-29322 was published May 24, 2022
The D-link router DIR-885L-MFC 1.15b02, v1.21b05 is vulnerable to credentials disclosure in... High Unreviewed
CVE-2020-29323 was published May 24, 2022
There is a Credentials Management Errors Vulnerability in Huawei Smartphone. Successful... High Unreviewed
CVE-2021-22370 was published May 24, 2022
A local file inclusion vulnerability in the FileServlet in all SearchBlox before 9.2.2 allows... High Unreviewed
CVE-2020-35580 was published May 24, 2022
The D-Link router DIR-868L 3.01 is vulnerable to credentials disclosure in telnet service through... High Unreviewed
CVE-2020-29321 was published May 24, 2022
IBM Guardium Data Encryption (GDE) 4.0.0.4 uses an inadequate account lockout setting that could... High Unreviewed
CVE-2021-20415 was published May 24, 2022
DEPSTECH WiFi Digital Microscope 3 allows remote attackers to change the SSID and password, and... High Unreviewed
CVE-2020-12734 was published May 24, 2022
An issue was discovered in SolarWinds Serv-U before 15.2.2. Unauthenticated attackers can... High Unreviewed
CVE-2021-3154 was published May 24, 2022
Credentials are printed in clear text in the IBM Spectrum Protect Plus 10.1.0.0 through 10.1.9.3... High Unreviewed
CVE-2022-22396 was published Jun 7, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database