Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+

466 advisories

Loading
A vulnerability has been found in CESNET theme-cesnet up to 1.x and classified as problematic.... Moderate Unreviewed
CVE-2016-15014 was published Jan 7, 2023
Dell EMC Avamar Server version 19.4 contains a plain-text password storage vulnerability in... Moderate Unreviewed
CVE-2021-36317 was published Dec 22, 2021
Insufficiently protected credentials for Intel(R) AMT and Intel(R) Standard Manageability may... Moderate Unreviewed
CVE-2022-30944 was published Aug 19, 2022
A vulnerability has been identified in SCALANCE X-200 (All Versions < V5.2.4), SCALANCE X-200IRT ... Moderate Unreviewed
CVE-2019-6567 was published May 24, 2022
Insufficiently Protected Credentials vulnerability in the remote backups application on Western... Moderate Unreviewed
CVE-2022-29839 was published Dec 9, 2022
IBM Security Verify Governance, Identity Manager 10.0.1 stores user credentials in plain clear... Moderate Unreviewed
CVE-2022-22458 was published Dec 23, 2022
LogMeIn LastPass before 4.33.0 allows attackers to construct a crafted web site that captures the... Moderate Unreviewed
CVE-2019-16371 was published May 24, 2022
An issue was discovered in Grafana 5.4.0. Passwords for data sources used by Grafana (e.g., MySQL... Moderate Unreviewed
CVE-2019-15635 was published May 24, 2022
Plex Media Server 1.18.2.2029-36236cc4c allows remote attackers to bypass intended access control... Moderate Unreviewed
CVE-2018-21031 was published May 24, 2022
In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.9 a form contains a password field with autocomplete... Moderate Unreviewed
CVE-2021-34560 was published May 24, 2022
An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. The firmware... Moderate Unreviewed
CVE-2019-15801 was published May 24, 2022
Barco ClickShare Button R9861500D01 devices before 1.9.0 have incorrect Credentials Management.... Moderate Unreviewed
CVE-2019-18832 was published May 24, 2022
USG9500 with software of V500R001C30SPC100; V500R001C30SPC200; V500R001C30SPC600;... Moderate Unreviewed
CVE-2020-1871 was published May 24, 2022
An issue was discovered on Cayin SMP-PRO4 devices. A user can discover a saved password by... Moderate Unreviewed
CVE-2020-6954 was published May 24, 2022
An information exposure vulnerability in the external authentication profile form of FortiSIEM 5... Moderate Unreviewed
CVE-2019-6700 was published May 24, 2022
An issue was discovered in Serpico (aka SimplE RePort wrIting and CollaboratiOn tool) 1.3.0. An... Moderate Unreviewed
CVE-2019-19857 was published May 24, 2022
An authorization issue was discovered in the Credential Manager feature in Zoho ManageEngine... Moderate Unreviewed
CVE-2020-8422 was published May 24, 2022
An issue was discovered in EyesOfNetwork 5.3. The installation uses the same API key (hardcoded... Moderate Unreviewed
CVE-2020-8657 was published May 24, 2022
In JetBrains TeamCity before 2019.1.5, reverse tabnabbing was possible on several pages. Moderate Unreviewed
CVE-2020-7908 was published May 24, 2022
Some Dahua software products have a vulnerability of unauthenticated request of AES crypto key.... Moderate Unreviewed
CVE-2022-45424 was published Dec 27, 2022
Password stored in plain text by Applatix Plugin Moderate
CVE-2020-2133 was published for com.applatix.jenkins:applatix (Maven) May 24, 2022
NotMyFault
The J-BusinessDirectory extension before 5.2.9 for Joomla! allows Reverse Tabnabbing. In some... Moderate Unreviewed
CVE-2020-5182 was published May 24, 2022
The Voatz application 2020-01-01 for Android allows only 100 million different PINs, which makes... Moderate Unreviewed
CVE-2020-8988 was published May 24, 2022
The issue was addressed with improved UI handling. This issue is fixed in iOS 13.3.1 and iPadOS... Moderate Unreviewed
CVE-2020-3841 was published May 24, 2022
An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480... Moderate Unreviewed
CVE-2019-9104 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database