GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
298 advisories
A credential-exposure vulnerability in the support-bundle mechanism in Gradle Enterprise 2022.3...
High · Unreviewed · CVE-2022-41575 was published Oct 21, 2022
On cSRX Series devices software permission issues in the container filesystem and stored files...
High · Unreviewed · CVE-2022-22251 was published Oct 18, 2022
A flaw was found in the RHDM, where sensitive HTML form fields like Password has auto-complete...
High · Unreviewed · CVE-2019-14840 was published Oct 17, 2022
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2),...
High · Unreviewed · CVE-2022-38465 was published Oct 11, 2022
IBM Robotic Process Automation Clients are vulnerable to proxy credentials being exposed in...
High · Unreviewed · CVE-2022-39168 was published Sep 30, 2022
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated update_all_realm_license API.
High · Unreviewed · CVE-2020-15341 was published Sep 30, 2022
Chipolo ONE Bluetooth tracker (2020) Chipolo iOS app version 4.13.0 is vulnerable to Incorrect...
High · Unreviewed · CVE-2022-37193 was published Sep 28, 2022
A flaw was found in the Foreman project. The Datacenter plugin exposes the password through the...
High · Unreviewed · CVE-2021-20260 was published Aug 27, 2022
Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who...
High · Unreviewed · CVE-2022-34838 was published Aug 25, 2022
Insufficiently protected credentials in the Intel(R) Datacenter Group Event iOS application, all...
High · Unreviewed · CVE-2022-30296 was published Aug 19, 2022
Insufficiently protected credentials in the installation binaries for Intel(R) SEAPI in all...
High · Unreviewed · CVE-2022-26844 was published Aug 19, 2022
D-Link GO-RT-AC750 GORTAC750_revA_v101b03 & GO-RT-AC750_revB_FWv200b02 is vulnerable to Static...
High · Unreviewed · CVE-2022-36524 was published Aug 16, 2022
In Omron CS series, CJ series, and CP series PLCs through 2022-05-18, the password for access to...
High · Unreviewed · CVE-2022-31205 was published Jul 27, 2022
On Verizon 5G Home LVSKIHP InDoorUnit (IDU) 3.4.66.162 and OutDoorUnit (ODU) 3.33.101.0 devices,...
High · Unreviewed · CVE-2022-28371 was published Jul 15, 2022
Implemented protections on AWS credentials that were not properly protected.
High · Unreviewed · CVE-2022-22998 was published Jul 13, 2022
The CODESYS OPC DA Server prior V3.5.18.20 stores PLC passwords as plain text in its...
High · Unreviewed · CVE-2022-1794 was published Jul 12, 2022
Credentials are printed in clear text in the IBM Spectrum Protect Plus 10.1.0.0 through 10.1.9.3...
High · Unreviewed · CVE-2022-22396 was published Jun 7, 2022
Specific BD Pyxis™ products were installed with default credentials and may presently still...
High · Unreviewed · CVE-2022-22767 was published Jun 3, 2022
PowerStore contains Plain-Text Password Storage Vulnerability in PowerStore X & T environments...
High · Unreviewed · CVE-2022-22557 was published Jun 3, 2022
An issue was discovered on XIAOMI AI speaker MDZ-25-DT 1.34.36, and 1.40.14. Attackers can get...
High · Unreviewed · CVE-2020-8994 was published May 24, 2022
An information disclosure vulnerability exists in SAP GUI for Windows - versions < 7.60 PL13, 7...
High · Unreviewed · CVE-2021-40503 was published May 24, 2022
Information exposure through process environment vulnerability in Synology Calendar before 2.3.3...
High · Unreviewed · CVE-2019-11820 was published May 24, 2022
A vulnerability in specific versions of Zyxel NBG6818, NBG7815, WSQ20, WSQ50, WSQ60, and WSR30...
High · Unreviewed · CVE-2021-35033 was published May 24, 2022
A vulnerability was reported in some Motorola-branded Binatone Hubble Cameras that could allow an...
High · Unreviewed · CVE-2021-3787 was published May 24, 2022
In Jeedom through 4.1.19, a bug allows a remote attacker to bypass API access and retrieve users...
High · Unreviewed · CVE-2021-42557 was published May 24, 2022