GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
303 advisories
An information disclosure vulnerability exists in SAP GUI for Windows - versions < 7.60 PL13, 7...
High | Unreviewed | CVE-2021-40503 was published May 24, 2022

Information exposure through process environment vulnerability in Synology Calendar before 2.3.3...
High | Unreviewed | CVE-2019-11820 was published May 24, 2022

A vulnerability in specific versions of Zyxel NBG6818, NBG7815, WSQ20, WSQ50, WSQ60, and WSR30...
High | Unreviewed | CVE-2021-35033 was published May 24, 2022

A vulnerability was reported in some Motorola-branded Binatone Hubble Cameras that could allow an...
High | Unreviewed | CVE-2021-3787 was published May 24, 2022

In Jeedom through 4.1.19, a bug allows a remote attacker to bypass API access and retrieve users...
High | Unreviewed | CVE-2021-42557 was published May 24, 2022

Windows AppContainer Elevation Of Privilege Vulnerability
High | Unreviewed | CVE-2021-40476 was published May 24, 2022

A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2...
High | Unreviewed | CVE-2021-38460 was published May 24, 2022

The Scheduler Connection component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO...
High | Unreviewed | CVE-2021-35495 was published May 24, 2022

Information disclosure: The main configuration, including users and their hashed passwords, is...
High | Unreviewed | CVE-2021-23858 was published May 24, 2022

ECOA BAS controller is vulnerable to weak access control mechanism allowing authenticated user to...
High | Unreviewed | CVE-2021-41297 was published May 24, 2022

An information disclosure issue exists in D-LINK-DIR-605 B2 Firmware Version : 2.01MT. An attacker...
High | Unreviewed | CVE-2021-40655 was published May 24, 2022

In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line,...
High | Unreviewed | CVE-2021-28498 was published May 24, 2022

Certain NetModule devices have Insecure Password Handling (cleartext or reversible encryption),...
High | Unreviewed | CVE-2021-39289 was published May 24, 2022

Insufficiently Protected Credentials vulnerability in client environment of Hitachi ABB Power...
High | Unreviewed | CVE-2021-35529 was published May 24, 2022

Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers...
High | Unreviewed | CVE-2021-38165 was published May 24, 2022

Ypsomed mylife Cloud, mylife Mobile Application: Ypsomed mylife Cloud, All versions prior to 1.7.2...
High | Unreviewed | CVE-2021-27491 was published May 24, 2022

Ypsomed mylife Cloud, mylife Mobile Application: Ypsomed mylife Cloud, All versions prior to 1.7.2...
High | Unreviewed | CVE-2021-27495 was published May 24, 2022

On Crestron DM-NVX-DIR, DM-NVX-DIR80, and DM-NVX-ENT devices before the DM-XIO/1-0-3-802 patch,...
High | Unreviewed | CVE-2020-16839 was published May 24, 2022

Dell EMC Repository Manager (DRM) version 3.2 contains a plain-text password storage...
High | Unreviewed | CVE-2020-5315 was published May 24, 2022

DEPSTECH WiFi Digital Microscope 3 allows remote attackers to change the SSID and password, and...
High | Unreviewed | CVE-2020-12734 was published May 24, 2022

IBM Security Access Manager 9.0 and IBM Security Verify Access Docker 10.0.0 stores user...
High | Unreviewed | CVE-2021-20439 was published May 24, 2022

Password autocomplete vulnerability in the web application password field of Hitachi ABB Power...
High | Unreviewed | CVE-2021-35527 was published May 24, 2022

Insufficiently Protected Credentials vulnerability exists in EcoStruxure Control Expert (all...
High | Unreviewed | CVE-2021-22780 was published May 24, 2022

Insufficiently Protected Credentials vulnerability exists in EcoStruxure Control Expert (all...
High | Unreviewed | CVE-2021-22778 was published May 24, 2022

IBM Guardium Data Encryption (GDE) 4.0.0.4 uses an inadequate account lockout setting that could...
High | Unreviewed | CVE-2021-20415 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API