GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,726
Composer 4,237
Erlang 31
GitHub Actions 21
Go 2,003
Maven 5,192
npm 3,714
NuGet 661
pip 3,387
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,632

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

824 advisories

Filter by severity

Sort by

Least recently updated

Under some circumstances an Insufficiently Protected Credentials vulnerability in Johnson... High Unreviewed

CVE-2021-36204 was published Jan 13, 2023

Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who... Moderate Unreviewed

CVE-2022-34837 was published Aug 25, 2022

Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x stores the password in plaintext in a... Moderate Unreviewed

CVE-2020-25184 was published Mar 19, 2022

McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10 Update 13 allows a local attacker to... Moderate Unreviewed

CVE-2022-0859 was published Mar 24, 2022

An issue has been discovered in GitLab affecting all versions starting from 14.6 before 14.6.5,... High Unreviewed

CVE-2022-0738 was published Mar 29, 2022

There is a Credentials Management Errors vulnerability in Huawei Smartphone.Successful... High Unreviewed

CVE-2021-37075 was published Dec 9, 2021

The Archer RSS feed integration for Archer 6.x through 6.9 SP1 (6.9.1.0) is affected by an... High Unreviewed

CVE-2022-26948 was published Mar 31, 2022

Kyocera multifunction printers running vulnerable versions of Net View unintentionally expose... High Unreviewed

CVE-2022-1026 was published Apr 5, 2022

Zoho ManageEngine ADAudit Plus before 7055 allows authenticated Privilege Escalation on... High Unreviewed

CVE-2022-24978 was published Apr 6, 2022

An issue was discovered in Softwarebuero Zauner ARC 4.2.0.4. There is storage of Passwords in a... Moderate Unreviewed

CVE-2021-45892 was published Apr 6, 2022

The programming protocol allows for a previously entered password and lock state to be read by an... High Unreviewed

CVE-2021-32978 was published Apr 5, 2022

In JetBrains IntelliJ IDEA before 2021.3.3 it was possible to get passwords from protected fields Moderate Unreviewed

CVE-2022-28651 was published Apr 6, 2022

Philips Vue PACS versions 12.2.x.x and prior transmits or stores authentication credentials, but... High Unreviewed

CVE-2021-33024 was published Apr 3, 2022

Netgear Nighthawk R6700 version 1.0.4.120 stores sensitive information in plaintext. All... High Unreviewed

CVE-2021-45077 was published Dec 31, 2021

Netgear RAX43 version 1.0.3.96 does not have sufficient protections to the UART interface. A... High Unreviewed

CVE-2021-20168 was published Dec 31, 2021

Dell PowerScale OneFS, versions 8.2.2 and above, contain a password disclosure vulnerability. An... Moderate Unreviewed

CVE-2022-22550 was published Apr 13, 2022

Zoho ManageEngine ADSelfService Plus before 6121, ADAuditPlus 7060, Exchange Reporter Plus 5701,... High Unreviewed

CVE-2022-29457 was published Apr 19, 2022

IBM Guardium Data Encryption (GDE) 5.0.0.2 and 5.0.0.3 could allow a remote attacker to obtain... Moderate Unreviewed

CVE-2021-39026 was published Feb 19, 2022

A flaw was found in Ansible Galaxy Collections. When collections are built manually, any files in... Moderate Unreviewed

CVE-2021-3681 was published Apr 19, 2022

Dell EMC Repository Manager version 3.4.0 contains a plain-text password storage vulnerability. A... High Unreviewed

CVE-2022-26856 was published Apr 22, 2022

IBM Maximo Mobile 8.7 and 8.8 stores user credentials in plain clear text which can be read by a... Moderate Unreviewed

CVE-2022-41732 was published Nov 28, 2022

A malicious actor having access to the exported configuration file may obtain the stored... Moderate Unreviewed

CVE-2022-27179 was published Apr 21, 2022

A flaw was found in Red Hat Quay, where it does not properly protect the authorization token when... Moderate Unreviewed

CVE-2020-27831 was published May 24, 2022

A vulnerability in the disaster recovery feature of Cisco SD-WAN vManage Software could allow an... Moderate Unreviewed

CVE-2021-1589 was published May 24, 2022

Within the Open-AudIT up to version 3.5.3 application, the web interface hides SSH secrets,... Moderate Unreviewed

CVE-2021-3130 was published May 24, 2022

Previous 1 2 3 4 5 … 32 33 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

824 advisories