GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,340
Erlang: 31
GitHub Actions: 22
Go: 2,101
Maven: 5,000+
npm: 3,764
NuGet: 679
pip: 3,451
Pub: 12
RubyGems: 892
Rust: 885
Swift: 37
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
361 advisories
Thunderbird ignored the configuration to require STARTTLS security for an SMTP connection. A MITM...
Moderate | Unreviewed | CVE-2021-38502 was published May 24, 2022
An unprotected storage of credentials in Fortinet FortiSIEM Windows Agent version 4.1.4 and below...
Moderate | Unreviewed | CVE-2021-41023 was published May 24, 2022
MEDIA NAVI Inc SMACom v1.2 was discovered to contain an insecure session validation vulnerability...
Moderate | Unreviewed | CVE-2020-23036 was published May 24, 2022
On systems running Arista EOS and CloudEOS with the affected release version, when using shared...
Moderate | Unreviewed | CVE-2021-28496 was published May 24, 2022
Debug function of Admin UI of SAP Business One Integration is enabled by default. This allows...
Moderate | Unreviewed | CVE-2021-38179 was published May 24, 2022
An insufficiently protected credentials in Fortinet FortiSDNConnector version 1.1.7 and below...
Moderate | Unreviewed | CVE-2021-36178 was published May 24, 2022
Dell Enterprise SONiC OS, versions 3.3.0 and earlier, contains a sensitive information disclosure...
Moderate | Unreviewed | CVE-2021-36309 was published May 24, 2022
The Credova_Financial WordPress plugin discloses a site's associated Credova API account username...
Moderate | Unreviewed | CVE-2021-39342 was published May 24, 2022
Dell BIOS contains a Credentials Management issue. A local authenticated malicious user may...
Moderate | Unreviewed | CVE-2021-21522 was published May 24, 2022
An information disclosure issue exists in D-LINK-DIR-615 B2 2.01mt. An attacker can obtain a user...
Moderate | Unreviewed | CVE-2021-40654 was published May 24, 2022
A vulnerability in the disaster recovery feature of Cisco SD-WAN vManage Software could allow an...
Moderate | Unreviewed | CVE-2021-1589 was published May 24, 2022
IBM Security Verify Bridge 1.0.5.0 stores user credentials in plain clear text which can be read...
Moderate | Unreviewed | CVE-2021-20434 was published May 24, 2022
IBM Security Verify Bridge 1.0.5.0 stores user credentials in plain clear text which can be read...
Moderate | Unreviewed | CVE-2021-38863 was published May 24, 2022
IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 stores user credentials...
Moderate | Unreviewed | CVE-2021-29811 was published May 24, 2022
When an attacker manages to get access to the local memory, or the memory dump of a victim, for...
Moderate | Unreviewed | CVE-2021-38150 was published May 24, 2022
Triggering an error page of the import process in Yakamara Media Redaxo CMS version 5.12.1 allows...
Moderate | Unreviewed | CVE-2021-39458 was published May 24, 2022
In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line,...
Moderate | Unreviewed | CVE-2021-28499 was published May 24, 2022
An API issue in Accessibility TCC permissions was addressed with improved state management. This...
Moderate | Unreviewed | CVE-2021-1873 was published May 24, 2022
A vulnerability in the CLI of Cisco Prime Infrastructure and Cisco Evolved Programmable Network ...
Moderate | Unreviewed | CVE-2021-34733 was published May 24, 2022
In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.9 a form contains a password field with autocomplete...
Moderate | Unreviewed | CVE-2021-34560 was published May 24, 2022
When curl is instructed to get content using the metalink feature, and a user name and password...
Moderate | Unreviewed | CVE-2021-22923 was published May 24, 2022
Unprotected Transport of Credentials vulnerability in SiteManager provisioning service allows...
Moderate | Unreviewed | CVE-2021-32003 was published May 24, 2022
NCH Quorum v2.03 and earlier allows local users to discover cleartext login information relating...
Moderate | Unreviewed | CVE-2021-37452 was published May 24, 2022
A vulnerability in the CLI interface of Cisco SD-WAN vManage Software could allow an...
Moderate | Unreviewed | CVE-2021-34700 was published May 24, 2022
DEPSTECH WiFi Digital Microscope 3 has a default SSID of Jetion_xxxxxxxx with a password of...
Moderate | Unreviewed | CVE-2020-12732 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.