Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,084
Maven
5,000+
npm
3,747
NuGet
674
pip
3,435
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

1,070 advisories

Loading
Zoho ManageEngine ADSelfService Plus before 6121, ADAuditPlus 7060, Exchange Reporter Plus 5701,... High Unreviewed
CVE-2022-29457 was published Apr 19, 2022
Dell PowerScale OneFS, versions 8.2.2 and above, contain a password disclosure vulnerability. An... Moderate Unreviewed
CVE-2022-22550 was published Apr 13, 2022
Private key stored in plain text by Jenkins Google Compute Engine Plugin Moderate
CVE-2022-29052 was published for org.jenkins-ci.plugins:google-compute-engine (Maven) Apr 13, 2022
NotMyFault
Netgear RAX43 version 1.0.3.96 does not have sufficient protections to the UART interface. A... High Unreviewed
CVE-2021-20168 was published Dec 31, 2021
Netgear Nighthawk R6700 version 1.0.4.120 stores sensitive information in plaintext. All... High Unreviewed
CVE-2021-45077 was published Dec 31, 2021
In JetBrains IntelliJ IDEA before 2021.3.3 it was possible to get passwords from protected fields Moderate Unreviewed
CVE-2022-28651 was published Apr 6, 2022
Philips Vue PACS versions 12.2.x.x and prior transmits or stores authentication credentials, but... High Unreviewed
CVE-2021-33024 was published Apr 3, 2022
The programming protocol allows for a previously entered password and lock state to be read by an... High Unreviewed
CVE-2021-32978 was published Apr 5, 2022
An issue was discovered in Softwarebuero Zauner ARC 4.2.0.4. There is storage of Passwords in a... Moderate Unreviewed
CVE-2021-45892 was published Apr 6, 2022
Zoho ManageEngine ADAudit Plus before 7055 allows authenticated Privilege Escalation on... High Unreviewed
CVE-2022-24978 was published Apr 6, 2022
Kyocera multifunction printers running vulnerable versions of Net View unintentionally expose... High Unreviewed
CVE-2022-1026 was published Apr 5, 2022
The Archer RSS feed integration for Archer 6.x through 6.9 SP1 (6.9.1.0) is affected by an... High Unreviewed
CVE-2022-26948 was published Mar 31, 2022
There is a Credentials Management Errors vulnerability in Huawei Smartphone.Successful... High Unreviewed
CVE-2021-37075 was published Dec 9, 2021
An issue has been discovered in GitLab affecting all versions starting from 14.6 before 14.6.5,... High Unreviewed
CVE-2022-0738 was published Mar 29, 2022
McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10 Update 13 allows a local attacker to... Moderate Unreviewed
CVE-2022-0859 was published Mar 24, 2022
Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x stores the password in plaintext in a... Moderate Unreviewed
CVE-2020-25184 was published Mar 19, 2022
Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who... Moderate Unreviewed
CVE-2022-34837 was published Aug 25, 2022
Under some circumstances an Insufficiently Protected Credentials vulnerability in Johnson... High Unreviewed
CVE-2021-36204 was published Jan 13, 2023
Client TLS credentials sent raw to server in npm package nats Critical
GHSA-prmc-5v5w-c465 was published for nats (npm) Apr 6, 2021
Information disclosure through error object in auth0.js High
CVE-2020-5263 was published for auth0-js (npm) Apr 10, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database