GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
286 advisories
An issue was discovered in the Web Console in Veritas NetBackup Appliance through 3.1.2. The SMTP...
High | Unreviewed | CVE-2019-9868 was published May 13, 2022
Artica Proxy 3.06.200056 allows remote attackers to execute arbitrary commands as root by reading...
High | Unreviewed | CVE-2019-7300 was published May 13, 2022
** DISPUTED ** Kentico v10.0.42 allows Global Administrators to read the cleartext SMTP Password...
High | Unreviewed | CVE-2019-6242 was published May 13, 2022
A plaintext password vulnerability in the Zyxel NAS 326 through 5.21 allows an elevated...
High | Unreviewed | CVE-2019-10630 was published May 13, 2022
The PureVPN client before 6.1.0 for Windows stores Login Credentials (username and password) in...
High | Unreviewed | CVE-2018-18656 was published May 13, 2022
Envoy Passport for Android and Envoy Passport for iPhone could allow a local attacker to obtain...
High | Unreviewed | CVE-2018-17500 was published May 13, 2022
A vulnerability in the web-based management interface of Cisco Unified Communications Manager...
High | Unreviewed | CVE-2018-0474 was published May 13, 2022
An attacker could retrieve plain-text credentials stored in a XML file on PR100088 Modbus gateway...
High | Unreviewed | CVE-2019-6549 was published May 13, 2022
Cloud Foundry CredHub CLI, versions prior to 2.2.1, inadvertently writes authentication...
High | Unreviewed | CVE-2019-3782 was published May 13, 2022
Cloud Foundry Container Runtime, versions prior to 0.28.0, deploys K8s worker nodes that contains...
High | Unreviewed | CVE-2019-3780 was published May 13, 2022
When "set system ports console insecure" is enabled, root login is disallowed for Junos OS as...
High | Unreviewed | CVE-2019-0035 was published May 13, 2022
In pam/gkr-pam-module.c in GNOME Keyring before 3.27.2, the user's password is kept in a session...
High | Unreviewed | CVE-2018-20781 was published May 13, 2022
register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1 allows remote attackers to...
High | Unreviewed | CVE-2017-9557 was published May 13, 2022
Unprotected storage of credentials in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and...
High | Unreviewed | CVE-2018-13822 was published May 13, 2022
An exploitable clear text transmission of password vulnerability exists in the web server and...
High | Unreviewed | CVE-2017-12123 was published May 13, 2022
profile.php in ExtCalendar 2 and earlier allows remote attackers to change the passwords of...
High | Unreviewed | CVE-2007-0681 was published May 1, 2022
admin_news.php in Archilles Newsworld up to 1.3.0 allows attackers to bypass authentication by...
High | Unreviewed | CVE-2005-3435 was published May 1, 2022
CGI Script Center News Update 1.1 does not properly validate the original news administration...
High | Unreviewed | CVE-2000-0944 was published Apr 30, 2022
Stolen credentials from SSH clients via ssh-agent program, allowing other local users to access...
High | Unreviewed | CVE-1999-0013 was published Apr 30, 2022
Dell EMC Repository Manager version 3.4.0 contains a plain-text password storage vulnerability. A...
High | Unreviewed | CVE-2022-26856 was published Apr 22, 2022
Zoho ManageEngine ADSelfService Plus before 6121, ADAuditPlus 7060, Exchange Reporter Plus 5701,...
High | Unreviewed | CVE-2022-29457 was published Apr 19, 2022
Zoho ManageEngine ADAudit Plus before 7055 allows authenticated Privilege Escalation on...
High | Unreviewed | CVE-2022-24978 was published Apr 6, 2022
Kyocera multifunction printers running vulnerable versions of Net View unintentionally expose...
High | Unreviewed | CVE-2022-1026 was published Apr 5, 2022
The programming protocol allows for a previously entered password and lock state to be read by an...
High | Unreviewed | CVE-2021-32978 was published Apr 5, 2022
Philips Vue PACS versions 12.2.x.x and prior transmits or stores authentication credentials, but...
High | Unreviewed | CVE-2021-33024 was published Apr 3, 2022
ProTip! Advisories are also available from the GraphQL API.