GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,035
Maven
5,000+
npm
3,732
NuGet
662
pip
3,413
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
296 advisories
Filter by severity
Allegro WIndows 3.3.4152.0, embeds software administrator database credentials into its binary...
High
Unreviewed
CVE-2021-43978
was published
Dec 9, 2021
There is a Credentials Management Errors vulnerability in Huawei Smartphone.Successful...
High
Unreviewed
CVE-2021-37075
was published
Dec 9, 2021
Parallels Remote Application Server (RAS) allows a local attacker to retrieve certain profile...
High
Unreviewed
CVE-2020-8968
was published
Dec 18, 2021
Unprotected transport of credentials vulnerability in IDEC PLCs (FC6A Series MICROSmart All-in...
High
Unreviewed
CVE-2021-20826
was published
Dec 25, 2021
Netgear Nighthawk R6700 version 1.0.4.120 stores sensitive information in plaintext. All...
High
Unreviewed
CVE-2021-45077
was published
Dec 31, 2021
Netgear RAX43 version 1.0.3.96 does not have sufficient protections to the UART interface. A...
High
Unreviewed
CVE-2021-20168
was published
Dec 31, 2021
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS...
High
Unreviewed
CVE-2021-40360
was published
Feb 10, 2022
A CWE-522: Insufficiently Protected Credentials vulnerability exists that could cause Sensitive...
High
Unreviewed
CVE-2021-22798
was published
Feb 12, 2022
Settings/network settings/wireless settings on the Alecto DVC-215IP camera version 63.1.1.173 and...
High
Unreviewed
CVE-2022-24610
was published
Feb 25, 2022
An issue has been discovered in GitLab affecting all versions starting from 14.6 before 14.6.5,...
High
Unreviewed
CVE-2022-0738
was published
Mar 29, 2022
The Archer RSS feed integration for Archer 6.x through 6.9 SP1 (6.9.1.0) is affected by an...
High
Unreviewed
CVE-2022-26948
was published
Mar 31, 2022
Philips Vue PACS versions 12.2.x.x and prior transmits or stores authentication credentials, but...
High
Unreviewed
CVE-2021-33024
was published
Apr 3, 2022
The programming protocol allows for a previously entered password and lock state to be read by an...
High
Unreviewed
CVE-2021-32978
was published
Apr 5, 2022
Kyocera multifunction printers running vulnerable versions of Net View unintentionally expose...
High
Unreviewed
CVE-2022-1026
was published
Apr 5, 2022
Zoho ManageEngine ADAudit Plus before 7055 allows authenticated Privilege Escalation on...
High
Unreviewed
CVE-2022-24978
was published
Apr 6, 2022
Zoho ManageEngine ADSelfService Plus before 6121, ADAuditPlus 7060, Exchange Reporter Plus 5701,...
High
Unreviewed
CVE-2022-29457
was published
Apr 19, 2022
Dell EMC Repository Manager version 3.4.0 contains a plain-text password storage vulnerability. A...
High
Unreviewed
CVE-2022-26856
was published
Apr 22, 2022
Stolen credentials from SSH clients via ssh-agent program, allowing other local users to access...
High
Unreviewed
CVE-1999-0013
was published
Apr 30, 2022
CGI Script Center News Update 1.1 does not properly validate the original news administration...
High
Unreviewed
CVE-2000-0944
was published
Apr 30, 2022
admin_news.php in Archilles Newsworld up to 1.3.0 allows attackers to bypass authentication by...
High
Unreviewed
CVE-2005-3435
was published
May 1, 2022
profile.php in ExtCalendar 2 and earlier allows remote attackers to change the passwords of...
High
Unreviewed
CVE-2007-0681
was published
May 1, 2022
An exploitable clear text transmission of password vulnerability exists in the web server and...
High
Unreviewed
CVE-2017-12123
was published
May 13, 2022
Unprotected storage of credentials in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and...
High
Unreviewed
CVE-2018-13822
was published
May 13, 2022
register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1 allows remote attackers to...
High
Unreviewed
CVE-2017-9557
was published
May 13, 2022
In pam/gkr-pam-module.c in GNOME Keyring before 3.27.2, the user's password is kept in a session...
High
Unreviewed
CVE-2018-20781
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API