GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,279
Composer 4,356
Erlang 31
GitHub Actions 22
Go 2,120
Maven 5,297
npm 3,783
NuGet 683
pip 3,463
Pub 12
RubyGems 893
Rust 892
Swift 38

Unreviewed advisories

All unreviewed 244,113

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

366 advisories

Filter by severity

Sort by

Least recently updated

A flaw was found in ceph-dashboard. The JSON Web Token (JWT) used for user authentication is... Moderate Unreviewed

CVE-2020-27839 was published May 24, 2022

Clear text credentials are used to access managers app in Tomcat in Micro Focus Service Manager... Moderate Unreviewed

CVE-2019-11663 was published May 24, 2022

Clear text password in browser in Micro Focus Service Manager product versions 9.30, 9.31, 9.32,... Moderate Unreviewed

CVE-2019-11664 was published May 24, 2022

IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 stores user credentials in plain clear... Moderate Unreviewed

CVE-2021-38976 was published May 24, 2022

In GNU Mailman before 2.1.36, the CSRF token for the Cgi/admindb.py admindb page contains an... Moderate Unreviewed

CVE-2021-43332 was published May 24, 2022

Thunderbird ignored the configuration to require STARTTLS security for an SMTP connection. A MITM... Moderate Unreviewed

CVE-2021-38502 was published May 24, 2022

A unprotected storage of credentials in Fortinet FortiSIEM Windows Agent version 4.1.4 and below... Moderate Unreviewed

CVE-2021-41023 was published May 24, 2022

MEDIA NAVI Inc SMACom v1.2 was discovered to contain an insecure session validation vulnerability... Moderate Unreviewed

CVE-2020-23036 was published May 24, 2022

On systems running Arista EOS and CloudEOS with the affected release version, when using shared... Moderate Unreviewed

CVE-2021-28496 was published May 24, 2022

Debug function of Admin UI of SAP Business One Integration is enabled by default. This allows... Moderate Unreviewed

CVE-2021-38179 was published May 24, 2022

A insufficiently protected credentials in Fortinet FortiSDNConnector version 1.1.7 and below... Moderate Unreviewed

CVE-2021-36178 was published May 24, 2022

Dell Enterprise SONiC OS, versions 3.3.0 and earlier, contains a sensitive information disclosure... Moderate Unreviewed

CVE-2021-36309 was published May 24, 2022

The Credova_Financial WordPress plugin discloses a site's associated Credova API account username... Moderate Unreviewed

CVE-2021-39342 was published May 24, 2022

Dell BIOS contains a Credentials Management issue. A local authenticated malicious user may... Moderate Unreviewed

CVE-2021-21522 was published May 24, 2022

An information disclosure issue exist in D-LINK-DIR-615 B2 2.01mt. An attacker can obtain a user... Moderate Unreviewed

CVE-2021-40654 was published May 24, 2022

A vulnerability in the disaster recovery feature of Cisco SD-WAN vManage Software could allow an... Moderate Unreviewed

CVE-2021-1589 was published May 24, 2022

IBM Security Verify Bridge 1.0.5.0 stores user credentials in plain clear text which can be read... Moderate Unreviewed

CVE-2021-20434 was published May 24, 2022

IBM Security Verify Bridge 1.0.5.0 stores user credentials in plain clear text which can be read... Moderate Unreviewed

CVE-2021-38863 was published May 24, 2022

IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 stores user credentials... Moderate Unreviewed

CVE-2021-29811 was published May 24, 2022

When an attacker manages to get access to the local memory, or the memory dump of a victim, for... Moderate Unreviewed

CVE-2021-38150 was published May 24, 2022

Triggering an error page of the import process in Yakamara Media Redaxo CMS version 5.12.1 allows... Moderate Unreviewed

CVE-2021-39458 was published May 24, 2022

In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line,... Moderate Unreviewed

CVE-2021-28499 was published May 24, 2022

An API issue in Accessibility TCC permissions was addressed with improved state management. This... Moderate Unreviewed

CVE-2021-1873 was published May 24, 2022

A vulnerability in the CLI of Cisco Prime Infrastructure and Cisco Evolved Programmable Network ... Moderate Unreviewed

CVE-2021-34733 was published May 24, 2022

In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.9 a form contains a password field with autocomplete... Moderate Unreviewed

CVE-2021-34560 was published May 24, 2022

Previous 1 2 … 5 6 7 8 9 … 14 15 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

366 advisories