Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,856
Erlang
36
GitHub Actions
36
Go
2,488
Maven
5,000+
npm
4,104
NuGet
735
pip
3,923
Pub
12
RubyGems
945
Rust
1,017
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

388 advisories

Loading
An issue was discovered in General Electric (GE) Proficy HMI/SCADA iFIX Version 5.8 SIM 13 and... Moderate Unreviewed
CVE-2016-9360 was published May 13, 2022
A password storage vulnerability exists in the operating system functionality of Moxa EDR-810 V4... Moderate Unreviewed
CVE-2017-12127 was published May 13, 2022
D-Link DIR-100 4.03B07: security bypass via an error in the cliget.cgi script Moderate Unreviewed
CVE-2013-7052 was published May 5, 2022
D-Link DIR-100 4.03B07 has PPTP and poe information disclosure Moderate Unreviewed
CVE-2013-7055 was published May 5, 2022
CloudForms stores user passwords in recoverable format Moderate Unreviewed
CVE-2013-4423 was published May 5, 2022
Claws Mail vCalendar plugin: credentials exposed on interface Moderate Unreviewed
CVE-2012-5527 was published Apr 23, 2022
A malicious actor having access to the exported configuration file may obtain the stored... Moderate Unreviewed
CVE-2022-27179 was published Apr 21, 2022
A flaw was found in Ansible Galaxy Collections. When collections are built manually, any files in... Moderate Unreviewed
CVE-2021-3681 was published Apr 19, 2022
Dell PowerScale OneFS, versions 8.2.2 and above, contain a password disclosure vulnerability. An... Moderate Unreviewed
CVE-2022-22550 was published Apr 13, 2022
An issue was discovered in Softwarebuero Zauner ARC 4.2.0.4. There is storage of Passwords in a... Moderate Unreviewed
CVE-2021-45892 was published Apr 6, 2022
In JetBrains IntelliJ IDEA before 2021.3.3 it was possible to get passwords from protected fields Moderate Unreviewed
CVE-2022-28651 was published Apr 6, 2022
McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10 Update 13 allows a local attacker to... Moderate Unreviewed
CVE-2022-0859 was published Mar 24, 2022
A lack of password change protection vulnerability in a depreciated API of McAfee Enterprise... Moderate Unreviewed
CVE-2022-0862 was published Mar 24, 2022
Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x stores the password in plaintext in a... Moderate Unreviewed
CVE-2020-25184 was published Mar 19, 2022
Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022... Moderate Unreviewed
CVE-2022-24506 was published Mar 10, 2022
A man-in-the-middle attacker can inject false responses to the client's first few queries,... Moderate Unreviewed
CVE-2021-23222 was published Mar 4, 2022
IBM MQ Appliance 9.2 CD and 9.2 LTS local messaging users stored with a password hash that... Moderate Unreviewed
CVE-2022-22321 was published Mar 2, 2022
SangforCSClient.exe in Sangfor VDI Client 5.4.2.1006 allows attackers, when they are able to read... Moderate Unreviewed
CVE-2022-22908 was published Feb 27, 2022
IBM Guardium Data Encryption (GDE) 5.0.0.2 and 5.0.0.3 could allow a remote attacker to obtain... Moderate Unreviewed
CVE-2021-39026 was published Feb 19, 2022
Forms generated by JQueryForm.com before 2022-02-05 allows a remote authenticated attacker to... Moderate Unreviewed
CVE-2022-24982 was published Feb 17, 2022
Insufficiently protected credentials in USB provisioning for Intel(R) AMT SDK before version 16.0... Moderate Unreviewed
CVE-2021-33107 was published Feb 11, 2022
An insufficiently protected credentials vulnerability exists in the Palo Alto Networks... Moderate Unreviewed
CVE-2022-0019 was published Feb 11, 2022
Dell EMC System Update, version 1.9.2 and prior, contain an Unprotected Storage of Credentials... Moderate Unreviewed
CVE-2022-22554 was published Jan 25, 2022
An attacker with physical access to the host can extract the secrets from the registry and create... Moderate Unreviewed
CVE-2021-23207 was published Jan 22, 2022
Users with appropriate file access may be able to access unencrypted user credentials saved by... Moderate Unreviewed
CVE-2021-32039 was published Jan 21, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database