GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,184
Composer 4,340
Erlang 31
GitHub Actions 22
Go 2,101
Maven 5,279
npm 3,764
NuGet 679
pip 3,451
Pub 12
RubyGems 892
Rust 885
Swift 37

Unreviewed advisories

All unreviewed 242,961

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

361 advisories

Filter by severity

Sort by

Least recently updated

Emerson OpenBSI through 2022-04-29 mishandles credential storage. It is an engineering... Moderate Unreviewed

CVE-2022-29959 was published Aug 17, 2022

A flaw was found where the Plaintext Candlepin password is disclosed while updating Red Hat... Moderate Unreviewed

CVE-2020-10710 was published Aug 17, 2022

A vulnerability in the External RESTful Services (ERS) API of Cisco Identity Services Engine (ISE... Moderate Unreviewed

CVE-2022-20914 was published Aug 11, 2022

VMware Workstation (16.x prior to 16.2.4) contains an unprotected storage of credentials... Moderate Unreviewed

CVE-2022-22983 was published Aug 11, 2022

IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is vulnerable to insufficiently... Moderate Unreviewed

CVE-2022-33169 was published Aug 2, 2022

HCL Commerce's Remote Store server could allow a local attacker to obtain sensitive personal... Moderate Unreviewed

CVE-2021-27785 was published Jul 31, 2022

BigFix Web Reports authorized users may see SMTP credentials in clear text. Moderate Unreviewed

CVE-2022-27544 was published Jul 20, 2022

HCL Launch stores user credentials in plain clear text which can be read by a local user. Moderate Unreviewed

CVE-2022-27548 was published Jul 7, 2022

Information Exposure vulnerability in My Account Settings of Devolutions Remote Desktop Manager... Moderate Unreviewed

CVE-2022-2221 was published Jun 28, 2022

IBM Robotic Process Automation 21.0.1 and 21.0.2 could allow a user with psychical access to the... Moderate Unreviewed

CVE-2022-33953 was published Jun 25, 2022

A malicious authenticated SMG administrator user can obtain passwords for external LDAP/Active... Moderate Unreviewed

CVE-2021-30651 was published Jun 25, 2022

The default password for the web application’s root user (the vendor’s private account) was weak... Moderate Unreviewed

CVE-2022-1666 was published Jun 25, 2022

An information disclosure vulnerability exists in the License registration functionality of... Moderate Unreviewed

CVE-2022-21184 was published Jun 18, 2022

A lack of password masking in Devolutions Remote Desktop Manager allows physically proximate... Moderate Unreviewed

CVE-2022-1342 was published Jun 16, 2022

A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6),... Moderate Unreviewed

CVE-2022-30231 was published Jun 15, 2022

A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak... Moderate Unreviewed

CVE-2022-27776 was published Jun 3, 2022

An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82... Moderate Unreviewed

CVE-2022-27774 was published Jun 3, 2022

Dell Unity, Dell UnityVSA, and Dell Unity XT versions prior to 5.2.0.0.5.173 contain a plain-text... Moderate Unreviewed

CVE-2022-29085 was published Jun 3, 2022

The sensitive information of webcam device is not properly protected. Remote attackers can... Moderate Unreviewed

CVE-2021-30169 was published May 24, 2022

In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, an information disclosure... Moderate Unreviewed

CVE-2020-27258 was published May 24, 2022

A flaw was found in ceph-dashboard. The JSON Web Token (JWT) used for user authentication is... Moderate Unreviewed

CVE-2020-27839 was published May 24, 2022

Clear text credentials are used to access managers app in Tomcat in Micro Focus Service Manager... Moderate Unreviewed

CVE-2019-11663 was published May 24, 2022

Clear text password in browser in Micro Focus Service Manager product versions 9.30, 9.31, 9.32,... Moderate Unreviewed

CVE-2019-11664 was published May 24, 2022

IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 stores user credentials in plain clear... Moderate Unreviewed

CVE-2021-38976 was published May 24, 2022

In GNU Mailman before 2.1.36, the CSRF token for the Cgi/admindb.py admindb page contains an... Moderate Unreviewed

CVE-2021-43332 was published May 24, 2022

Previous 1 2 3 4 5 6 7 8 … 14 15 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

361 advisories