GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
149 advisories
Filter by severity
The /device/signin end-point for the Ourphoto App version 1.4.1 discloses clear-text password...
High
Unreviewed
CVE-2022-24188
was published
Nov 29, 2022
VeryFitPro (com.veryfit2hr.second) 3.2.8 hashes the account's password locally on the device and...
High
Unreviewed
CVE-2021-36460
was published
Apr 26, 2022
The Debian courier-authlib package before 0.71.1-2 for Courier Authentication Library creates a ...
High
Unreviewed
CVE-2021-28374
was published
May 24, 2022
Cleartext storage of sensitive information in multiple versions of Octopus Server where in...
High
Unreviewed
CVE-2021-30183
was published
May 24, 2022
When configuring Octopus Server if it is configured with an external SQL database, on initial...
High
Unreviewed
CVE-2021-31816
was published
May 24, 2022
When configuring Octopus Server if it is configured with an external SQL database, on initial...
High
Unreviewed
CVE-2021-31817
was published
May 24, 2022
ASG technologies ( A Rocket Software Company) ASG-Zena Cross Platform Server Enterprise Edition 4...
High
Unreviewed
CVE-2021-45025
was published
Jun 18, 2022
A cleartext storage of sensitive information in Nextcloud Desktop Client 2.6.4 gave away...
High
Unreviewed
CVE-2020-8225
was published
May 24, 2022
Browsing the path: http://ip/wifi_ap_pata_get.cmd, will show in the name of the existing access...
High
Unreviewed
CVE-2022-30626
was published
Jul 19, 2022
The debug interface of Goldshell ASIC Miners v2.2.1 and below was discovered to be exposed...
High
Unreviewed
CVE-2022-24660
was published
Jul 21, 2022
Lanling OA Landray Office Automation (OA) internal patch number #133383/#137780 contains an...
High
Unreviewed
CVE-2022-34924
was published
Aug 3, 2022
A vulnerability, which was classified as problematic, was found in SourceCodester Guest...
High
Unreviewed
CVE-2022-2813
was published
Aug 16, 2022
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS...
High
Unreviewed
CVE-2021-40363
was published
Feb 10, 2022
The installation procedure in BigBlueButton before 2.2.28 (or earlier) uses ClueCon as the...
High
Unreviewed
CVE-2020-27613
was published
May 24, 2022
An issue was discovered in Aviatrix Controller before R5.3.1151. Encrypted key values are stored...
High
Unreviewed
CVE-2020-26551
was published
May 24, 2022
An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55....
High
Unreviewed
CVE-2020-24577
was published
May 24, 2022
IBM Spectrum Protect Plus 10.1.0 through 10.1.6 may include sensitive information in its URLs...
High
Unreviewed
CVE-2020-5018
was published
May 24, 2022
An issue was discovered on FiberHome HG6245D devices through RP2613. It is possible to find...
High
Unreviewed
CVE-2021-27140
was published
May 24, 2022
An issue was discovered on FiberHome HG6245D devices through RP2613. wifi_custom.cfg has...
High
Unreviewed
CVE-2021-27174
was published
May 24, 2022
An issue was discovered on Geeni GNC-CW028 Camera 2.7.2, Geeni GNC-CW025 Doorbell 2.9.5, Merkury...
High
Unreviewed
CVE-2020-29001
was published
May 24, 2022
In moveInMediaStore of FileSystemProvider.java, there is a possible file exposure due to stale...
High
Unreviewed
CVE-2021-0337
was published
May 24, 2022
An issue was discovered on FiberHome HG6245D devices through RP2613. wifictl_2g.cfg has cleartext...
High
Unreviewed
CVE-2021-27175
was published
May 24, 2022
The /password.html page of the Web management interface of the Acexy Wireless-N WiFi Repeater REV...
High
Unreviewed
CVE-2021-28937
was published
May 24, 2022
A vulnerability has been reported to affect QNAP NAS. If exploited, this vulnerability allows an...
High
Unreviewed
CVE-2018-19941
was published
May 24, 2022
The PassWork extension 5.0.9 for Chrome and other browsers allows an attacker to obtain the...
High
Unreviewed
CVE-2022-42956
was published
Nov 7, 2022
ProTip!
Advisories are also available from the
GraphQL API