Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,343
Erlang
31
GitHub Actions
22
Go
2,107
Maven
5,000+
npm
3,764
NuGet
679
pip
3,452
Pub
12
RubyGems
892
Rust
886
Swift
37
Unreviewed advisories
All unreviewed
5,000+

1,080 advisories

Loading
Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does... Moderate Unreviewed
CVE-2012-5627 was published May 17, 2022
Insufficiently Protected Credentials in PowerJob High
CVE-2020-28865 was published for com.github.kfcfans:powerjob (Maven) Jun 17, 2022
A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6),... Moderate Unreviewed
CVE-2022-30231 was published Jun 15, 2022
A lack of password masking in Devolutions Remote Desktop Manager allows physically proximate... Moderate Unreviewed
CVE-2022-1342 was published Jun 16, 2022
Insufficiently protected credentials in the Intel(R) Datacenter Group Event iOS application, all... High Unreviewed
CVE-2022-30296 was published Aug 19, 2022
Insufficiently protected credentials in the Intel(R) Team Blue mobile application in all versions... Moderate Unreviewed
CVE-2022-29507 was published Aug 19, 2022
An information disclosure vulnerability exists in the License registration functionality of... Moderate Unreviewed
CVE-2022-21184 was published Jun 18, 2022
A malicious authenticated SMG administrator user can obtain passwords for external LDAP/Active... Moderate Unreviewed
CVE-2021-30651 was published Jun 25, 2022
IBM Robotic Process Automation 21.0.1 and 21.0.2 could allow a user with psychical access to the... Moderate Unreviewed
CVE-2022-33953 was published Jun 25, 2022
Information Exposure vulnerability in My Account Settings of Devolutions Remote Desktop Manager... Moderate Unreviewed
CVE-2022-2221 was published Jun 28, 2022
Marval MSM v14.19.0.12476 has a 0-Click Account Takeover vulnerability which allows an attacker... Critical Unreviewed
CVE-2022-31887 was published Jun 29, 2022
Implemented protections on AWS credentials that were not properly protected. High Unreviewed
CVE-2022-22998 was published Jul 13, 2022
Xiaongmai AHB7008T-MH-V2, AHB7804R-ELS, AHB7804R-MH-V2, AHB7808R-MS-V2, AHB7808R-MS, AHB7808T-MS... Critical Unreviewed
CVE-2021-41506 was published Jul 1, 2022
HCL Launch stores user credentials in plain clear text which can be read by a local user. Moderate Unreviewed
CVE-2022-27548 was published Jul 7, 2022
The default password for the web application’s root user (the vendor’s private account) was weak... Moderate Unreviewed
CVE-2022-1666 was published Jun 25, 2022
An attacker with weak credentials could access the TCP port via an open FTP port, allowing an... Critical Unreviewed
CVE-2022-2103 was published Jun 25, 2022
On Verizon 5G Home LVSKIHP InDoorUnit (IDU) 3.4.66.162 and OutDoorUnit (ODU) 3.33.101.0 devices,... High Unreviewed
CVE-2022-28371 was published Jul 15, 2022
An attacker with physical access to the host can extract the secrets from the registry and create... Moderate Unreviewed
CVE-2021-23207 was published Jan 22, 2022
The web application on Agilia Link+ version 3.0 implements authentication and session management... Critical Unreviewed
CVE-2021-23196 was published Jan 22, 2022
VMware Workstation (16.x prior to 16.2.4) contains an unprotected storage of credentials... Moderate Unreviewed
CVE-2022-22983 was published Aug 11, 2022
A logic error in Nextcloud Server 19.0.0 caused a plaintext storage of the share password when it... High Unreviewed
CVE-2020-8183 was published May 24, 2022
In Omron CS series, CJ series, and CP series PLCs through 2022-05-18, the password for access to... High Unreviewed
CVE-2022-31205 was published Jul 27, 2022
BigFix Web Reports authorized users may see SMTP credentials in clear text. Moderate Unreviewed
CVE-2022-27544 was published Jul 20, 2022
Insufficient protection of the server-side encryption keys in Nextcloud Server 19.0.1 allowed an... High Unreviewed
CVE-2020-8259 was published May 24, 2022
homee Brain Cube v2 (2.28.2 and 2.28.4) devices have sensitive SSH keys within downloadable and... High Unreviewed
CVE-2020-24396 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database