Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,877
Erlang
37
GitHub Actions
38
Go
2,532
Maven
5,000+
npm
4,191
NuGet
742
pip
3,970
Pub
12
RubyGems
947
Rust
1,030
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,185 advisories

Loading
A malicious actor having access to the exported configuration file may obtain the stored... Moderate Unreviewed
CVE-2022-27179 was published Apr 21, 2022
A flaw was found in Red Hat Quay, where it does not properly protect the authorization token when... Moderate Unreviewed
CVE-2020-27831 was published May 24, 2022
A vulnerability in the disaster recovery feature of Cisco SD-WAN vManage Software could allow an... Moderate Unreviewed
CVE-2021-1589 was published May 24, 2022
Within the Open-AudIT up to version 3.5.3 application, the web interface hides SSH secrets,... Moderate Unreviewed
CVE-2021-3130 was published May 24, 2022
AWS CodeDeploy Plugin stored AWS Secret Key in plain text High
CVE-2018-1000403 was published for com.amazonaws:codedeploy (Maven) May 13, 2022
westonsteimel
Unprotected Storage of Credentials vulnerability in McAfee Data Loss Prevention (DLP) for Mac... Low Unreviewed
CVE-2020-7306 was published May 24, 2022
Plaintext Storage of a Password in Jenkins Eagle Tester Plugin Moderate
CVE-2020-2129 was published for com.mobileenerlytics.eagle.tester:eagle-tester (Maven) May 24, 2022
SAP GUI for Windows, version - 7.60, allows an attacker to spoof logon credentials for... Moderate Unreviewed
CVE-2021-21448 was published May 24, 2022
The Web server in 1C:Enterprise 8 before 8.3.17.1851 sends base64 encoded credentials in the... High Unreviewed
CVE-2021-3131 was published May 24, 2022
The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to obtain... High Unreviewed
CVE-2020-35455 was published May 24, 2022
1Password SCIM Bridge before 1.6.2 mishandles validation of requests for log files. Moderate Unreviewed
CVE-2021-26905 was published May 24, 2022
There is a Credentials Management Errors Vulnerability in Huawei Smartphone. Successful... High Unreviewed
CVE-2021-22351 was published May 24, 2022
AVE DOMINAplus <=1.10.x suffers from clear-text credentials disclosure vulnerability that allows... Critical Unreviewed
CVE-2020-21994 was published May 24, 2022
nsufficiently Protected Credentials in ActiveMQ Artemis Moderate
CVE-2020-10727 was published for org.apache.activemq:artemis-commons (Maven) May 24, 2022
Hirschmann HiOS 07.1.01, 07.1.02, and 08.1.00 through 08.5.xx and HiSecOS 03.3.00 through 03.5.01... Critical Unreviewed
CVE-2021-27734 was published May 24, 2022
There is a Credentials Management Errors vulnerability in Huawei Smartphone. Successful... High Unreviewed
CVE-2021-22324 was published May 24, 2022
The D-link router DIR-885L-MFC 1.15b02, v1.21b05 is vulnerable to credentials disclosure in... High Unreviewed
CVE-2020-29323 was published May 24, 2022
The D-Link router DIR-880L 1.07 is vulnerable to credentials disclosure in telnet service through... High Unreviewed
CVE-2020-29322 was published May 24, 2022
A remote disclosure of privileged information vulnerability was discovered in Aruba ClearPass... Moderate Unreviewed
CVE-2021-29138 was published May 24, 2022
There is a Credentials Management Errors Vulnerability in Huawei Smartphone. Successful... High Unreviewed
CVE-2021-22370 was published May 24, 2022
NCH Quorum v2.03 and earlier allows local users to discover cleartext login information relating... Moderate Unreviewed
CVE-2021-37452 was published May 24, 2022
A local file inclusion vulnerability in the FileServlet in all SearchBlox before 9.2.2 allows... High Unreviewed
CVE-2020-35580 was published May 24, 2022
DEPSTECH WiFi Digital Microscope 3 has a default SSID of Jetion_xxxxxxxx with a password of... Moderate Unreviewed
CVE-2020-12732 was published May 24, 2022
The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to obtain... Moderate Unreviewed
CVE-2020-35454 was published May 24, 2022
The D-Link router DIR-868L 3.01 is vulnerable to credentials disclosure in telnet service through... High Unreviewed
CVE-2020-29321 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database