GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
824 advisories
Under some circumstances an Insufficiently Protected Credentials vulnerability in Johnson...
High | Unreviewed | CVE-2021-36204 was published Jan 13, 2023

Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who...
Moderate | Unreviewed | CVE-2022-34837 was published Aug 25, 2022

Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x stores the password in plaintext in a...
Moderate | Unreviewed | CVE-2020-25184 was published Mar 19, 2022

McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10 Update 13 allows a local attacker to...
Moderate | Unreviewed | CVE-2022-0859 was published Mar 24, 2022

An issue has been discovered in GitLab affecting all versions starting from 14.6 before 14.6.5,...
High | Unreviewed | CVE-2022-0738 was published Mar 29, 2022

There is a Credentials Management Errors vulnerability in Huawei Smartphone. Successful...
High | Unreviewed | CVE-2021-37075 was published Dec 9, 2021

The Archer RSS feed integration for Archer 6.x through 6.9 SP1 (6.9.1.0) is affected by an...
High | Unreviewed | CVE-2022-26948 was published Mar 31, 2022

Kyocera multifunction printers running vulnerable versions of Net View unintentionally expose...
High | Unreviewed | CVE-2022-1026 was published Apr 5, 2022

Zoho ManageEngine ADAudit Plus before 7055 allows authenticated Privilege Escalation on...
High | Unreviewed | CVE-2022-24978 was published Apr 6, 2022

The programming protocol allows for a previously entered password and lock state to be read by an...
High | Unreviewed | CVE-2021-32978 was published Apr 5, 2022

An issue was discovered in Softwarebuero Zauner ARC 4.2.0.4. There is storage of Passwords in a...
Moderate | Unreviewed | CVE-2021-45892 was published Apr 6, 2022

Philips Vue PACS versions 12.2.x.x and prior transmits or stores authentication credentials, but...
High | Unreviewed | CVE-2021-33024 was published Apr 3, 2022

In JetBrains IntelliJ IDEA before 2021.3.3 it was possible to get passwords from protected fields
Moderate | Unreviewed | CVE-2022-28651 was published Apr 6, 2022

Netgear Nighthawk R6700 version 1.0.4.120 stores sensitive information in plaintext. All...
High | Unreviewed | CVE-2021-45077 was published Dec 31, 2021

Netgear RAX43 version 1.0.3.96 does not have sufficient protections to the UART interface. A...
High | Unreviewed | CVE-2021-20168 was published Dec 31, 2021

Dell PowerScale OneFS, versions 8.2.2 and above, contain a password disclosure vulnerability. An...
Moderate | Unreviewed | CVE-2022-22550 was published Apr 13, 2022

Zoho ManageEngine ADSelfService Plus before 6121, ADAuditPlus 7060, Exchange Reporter Plus 5701,...
High | Unreviewed | CVE-2022-29457 was published Apr 19, 2022

IBM Guardium Data Encryption (GDE) 5.0.0.2 and 5.0.0.3 could allow a remote attacker to obtain...
Moderate | Unreviewed | CVE-2021-39026 was published Feb 19, 2022

A flaw was found in Ansible Galaxy Collections. When collections are built manually, any files in...
Moderate | Unreviewed | CVE-2021-3681 was published Apr 19, 2022

Dell EMC Repository Manager version 3.4.0 contains a plain-text password storage vulnerability. A...
High | Unreviewed | CVE-2022-26856 was published Apr 22, 2022

IBM Maximo Mobile 8.7 and 8.8 stores user credentials in plain clear text which can be read by a...
Moderate | Unreviewed | CVE-2022-41732 was published Nov 28, 2022

A malicious actor having access to the exported configuration file may obtain the stored...
Moderate | Unreviewed | CVE-2022-27179 was published Apr 21, 2022

A flaw was found in Red Hat Quay, where it does not properly protect the authorization token when...
Moderate | Unreviewed | CVE-2020-27831 was published May 24, 2022

A vulnerability in the disaster recovery feature of Cisco SD-WAN vManage Software could allow an...
Moderate | Unreviewed | CVE-2021-1589 was published May 24, 2022

Within the Open-AudIT up to version 3.5.3 application, the web interface hides SSH secrets,...
Moderate | Unreviewed | CVE-2021-3130 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.