Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,218
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

149 advisories

Loading
The /device/signin end-point for the Ourphoto App version 1.4.1 discloses clear-text password... High Unreviewed
CVE-2022-24188 was published Nov 29, 2022
VeryFitPro (com.veryfit2hr.second) 3.2.8 hashes the account's password locally on the device and... High Unreviewed
CVE-2021-36460 was published Apr 26, 2022
The Debian courier-authlib package before 0.71.1-2 for Courier Authentication Library creates a ... High Unreviewed
CVE-2021-28374 was published May 24, 2022
Cleartext storage of sensitive information in multiple versions of Octopus Server where in... High Unreviewed
CVE-2021-30183 was published May 24, 2022
When configuring Octopus Server if it is configured with an external SQL database, on initial... High Unreviewed
CVE-2021-31816 was published May 24, 2022
When configuring Octopus Server if it is configured with an external SQL database, on initial... High Unreviewed
CVE-2021-31817 was published May 24, 2022
ASG technologies ( A Rocket Software Company) ASG-Zena Cross Platform Server Enterprise Edition 4... High Unreviewed
CVE-2021-45025 was published Jun 18, 2022
A cleartext storage of sensitive information in Nextcloud Desktop Client 2.6.4 gave away... High Unreviewed
CVE-2020-8225 was published May 24, 2022
Browsing the path: http://ip/wifi_ap_pata_get.cmd, will show in the name of the existing access... High Unreviewed
CVE-2022-30626 was published Jul 19, 2022
The debug interface of Goldshell ASIC Miners v2.2.1 and below was discovered to be exposed... High Unreviewed
CVE-2022-24660 was published Jul 21, 2022
Lanling OA Landray Office Automation (OA) internal patch number #133383/#137780 contains an... High Unreviewed
CVE-2022-34924 was published Aug 3, 2022
A vulnerability, which was classified as problematic, was found in SourceCodester Guest... High Unreviewed
CVE-2022-2813 was published Aug 16, 2022
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS... High Unreviewed
CVE-2021-40363 was published Feb 10, 2022
The installation procedure in BigBlueButton before 2.2.28 (or earlier) uses ClueCon as the... High Unreviewed
CVE-2020-27613 was published May 24, 2022
An issue was discovered in Aviatrix Controller before R5.3.1151. Encrypted key values are stored... High Unreviewed
CVE-2020-26551 was published May 24, 2022
An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55.... High Unreviewed
CVE-2020-24577 was published May 24, 2022
IBM Spectrum Protect Plus 10.1.0 through 10.1.6 may include sensitive information in its URLs... High Unreviewed
CVE-2020-5018 was published May 24, 2022
An issue was discovered on FiberHome HG6245D devices through RP2613. It is possible to find... High Unreviewed
CVE-2021-27140 was published May 24, 2022
An issue was discovered on FiberHome HG6245D devices through RP2613. wifi_custom.cfg has... High Unreviewed
CVE-2021-27174 was published May 24, 2022
An issue was discovered on Geeni GNC-CW028 Camera 2.7.2, Geeni GNC-CW025 Doorbell 2.9.5, Merkury... High Unreviewed
CVE-2020-29001 was published May 24, 2022
In moveInMediaStore of FileSystemProvider.java, there is a possible file exposure due to stale... High Unreviewed
CVE-2021-0337 was published May 24, 2022
An issue was discovered on FiberHome HG6245D devices through RP2613. wifictl_2g.cfg has cleartext... High Unreviewed
CVE-2021-27175 was published May 24, 2022
The /password.html page of the Web management interface of the Acexy Wireless-N WiFi Repeater REV... High Unreviewed
CVE-2021-28937 was published May 24, 2022
A vulnerability has been reported to affect QNAP NAS. If exploited, this vulnerability allows an... High Unreviewed
CVE-2018-19941 was published May 24, 2022
The PassWork extension 5.0.9 for Chrome and other browsers allows an attacker to obtain the... High Unreviewed
CVE-2022-42956 was published Nov 7, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database