Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,343
Erlang
31
GitHub Actions
22
Go
2,107
Maven
5,000+
npm
3,764
NuGet
679
pip
3,452
Pub
12
RubyGems
892
Rust
886
Swift
37
Unreviewed advisories
All unreviewed
5,000+

356 advisories

Loading
In Jeedom through 4.1.19, a bug allows a remote attacker to bypass API access and retrieve users... High Unreviewed
CVE-2021-42557 was published May 24, 2022
On Crestron DM-NVX-DIR, DM-NVX-DIR80, and DM-NVX-ENT devices before the DM-XIO/1-0-3-802 patch,... High Unreviewed
CVE-2020-16839 was published May 24, 2022
Specific BD Pyxis™ products were installed with default credentials and may presently still... High Unreviewed
CVE-2022-22767 was published Jun 3, 2022
Credentials are printed in clear text in the IBM Spectrum Protect Plus 10.1.0.0 through 10.1.9.3... High Unreviewed
CVE-2022-22396 was published Jun 7, 2022
An issue was discovered in SolarWinds Serv-U before 15.2.2. Unauthenticated attackers can... High Unreviewed
CVE-2021-3154 was published May 24, 2022
DEPSTECH WiFi Digital Microscope 3 allows remote attackers to change the SSID and password, and... High Unreviewed
CVE-2020-12734 was published May 24, 2022
IBM Guardium Data Encryption (GDE) 4.0.0.4 uses an inadequate account lockout setting that could... High Unreviewed
CVE-2021-20415 was published May 24, 2022
The D-Link router DIR-868L 3.01 is vulnerable to credentials disclosure in telnet service through... High Unreviewed
CVE-2020-29321 was published May 24, 2022
A local file inclusion vulnerability in the FileServlet in all SearchBlox before 9.2.2 allows... High Unreviewed
CVE-2020-35580 was published May 24, 2022
There is a Credentials Management Errors Vulnerability in Huawei Smartphone. Successful... High Unreviewed
CVE-2021-22370 was published May 24, 2022
The D-Link router DIR-880L 1.07 is vulnerable to credentials disclosure in telnet service through... High Unreviewed
CVE-2020-29322 was published May 24, 2022
The D-link router DIR-885L-MFC 1.15b02, v1.21b05 is vulnerable to credentials disclosure in... High Unreviewed
CVE-2020-29323 was published May 24, 2022
There is a Credentials Management Errors vulnerability in Huawei Smartphone. Successful... High Unreviewed
CVE-2021-22324 was published May 24, 2022
There is a Credentials Management Errors Vulnerability in Huawei Smartphone. Successful... High Unreviewed
CVE-2021-22351 was published May 24, 2022
The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to obtain... High Unreviewed
CVE-2020-35455 was published May 24, 2022
The Web server in 1C:Enterprise 8 before 8.3.17.1851 sends base64 encoded credentials in the... High Unreviewed
CVE-2021-3131 was published May 24, 2022
AWS CodeDeploy Plugin stored AWS Secret Key in plain text High
CVE-2018-1000403 was published for com.amazonaws:codedeploy (Maven) May 13, 2022
westonsteimel
In Apache Kylin, Cross-origin requests with credentials are allowed to be sent from any origin. High
CVE-2021-45457 was published for org.apache.kylin:kylin (Maven) Jan 8, 2022
Dell EMC Repository Manager version 3.4.0 contains a plain-text password storage vulnerability. A... High Unreviewed
CVE-2022-26856 was published Apr 22, 2022
Zoho ManageEngine ADSelfService Plus before 6121, ADAuditPlus 7060, Exchange Reporter Plus 5701,... High Unreviewed
CVE-2022-29457 was published Apr 19, 2022
Netgear RAX43 version 1.0.3.96 does not have sufficient protections to the UART interface. A... High Unreviewed
CVE-2021-20168 was published Dec 31, 2021
Netgear Nighthawk R6700 version 1.0.4.120 stores sensitive information in plaintext. All... High Unreviewed
CVE-2021-45077 was published Dec 31, 2021
Philips Vue PACS versions 12.2.x.x and prior transmits or stores authentication credentials, but... High Unreviewed
CVE-2021-33024 was published Apr 3, 2022
The programming protocol allows for a previously entered password and lock state to be read by an... High Unreviewed
CVE-2021-32978 was published Apr 5, 2022
Zoho ManageEngine ADAudit Plus before 7055 allows authenticated Privilege Escalation on... High Unreviewed
CVE-2022-24978 was published Apr 6, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database