Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

335 advisories

Loading
A unprotected storage of credentials in Fortinet FortiSIEM Windows Agent version 4.1.4 and below... Moderate Unreviewed
CVE-2021-41023 was published May 24, 2022
MEDIA NAVI Inc SMACom v1.2 was discovered to contain an insecure session validation vulnerability... Moderate Unreviewed
CVE-2020-23036 was published May 24, 2022
On systems running Arista EOS and CloudEOS with the affected release version, when using shared... Moderate Unreviewed
CVE-2021-28496 was published May 24, 2022
Debug function of Admin UI of SAP Business One Integration is enabled by default. This allows... Moderate Unreviewed
CVE-2021-38179 was published May 24, 2022
A insufficiently protected credentials in Fortinet FortiSDNConnector version 1.1.7 and below... Moderate Unreviewed
CVE-2021-36178 was published May 24, 2022
Dell Enterprise SONiC OS, versions 3.3.0 and earlier, contains a sensitive information disclosure... Moderate Unreviewed
CVE-2021-36309 was published May 24, 2022
The Credova_Financial WordPress plugin discloses a site's associated Credova API account username... Moderate Unreviewed
CVE-2021-39342 was published May 24, 2022
Dell BIOS contains a Credentials Management issue. A local authenticated malicious user may... Moderate Unreviewed
CVE-2021-21522 was published May 24, 2022
An information disclosure issue exist in D-LINK-DIR-615 B2 2.01mt. An attacker can obtain a user... Moderate Unreviewed
CVE-2021-40654 was published May 24, 2022
A vulnerability in the disaster recovery feature of Cisco SD-WAN vManage Software could allow an... Moderate Unreviewed
CVE-2021-1589 was published May 24, 2022
IBM Security Verify Bridge 1.0.5.0 stores user credentials in plain clear text which can be read... Moderate Unreviewed
CVE-2021-20434 was published May 24, 2022
IBM Security Verify Bridge 1.0.5.0 stores user credentials in plain clear text which can be read... Moderate Unreviewed
CVE-2021-38863 was published May 24, 2022
IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 stores user credentials... Moderate Unreviewed
CVE-2021-29811 was published May 24, 2022
When an attacker manages to get access to the local memory, or the memory dump of a victim, for... Moderate Unreviewed
CVE-2021-38150 was published May 24, 2022
Triggering an error page of the import process in Yakamara Media Redaxo CMS version 5.12.1 allows... Moderate Unreviewed
CVE-2021-39458 was published May 24, 2022
In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line,... Moderate Unreviewed
CVE-2021-28499 was published May 24, 2022
An API issue in Accessibility TCC permissions was addressed with improved state management. This... Moderate Unreviewed
CVE-2021-1873 was published May 24, 2022
A vulnerability in the CLI of Cisco Prime Infrastructure and Cisco Evolved Programmable Network ... Moderate Unreviewed
CVE-2021-34733 was published May 24, 2022
In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.9 a form contains a password field with autocomplete... Moderate Unreviewed
CVE-2021-34560 was published May 24, 2022
When curl is instructed to get content using the metalink feature, and a user name and password... Moderate Unreviewed
CVE-2021-22923 was published May 24, 2022
Unprotected Transport of Credentials vulnerability in SiteManager provisioning service allows... Moderate Unreviewed
CVE-2021-32003 was published May 24, 2022
NCH Quorum v2.03 and earlier allows local users to discover cleartext login information relating... Moderate Unreviewed
CVE-2021-37452 was published May 24, 2022
A vulnerability in the CLI interface of Cisco SD-WAN vManage Software could allow an... Moderate Unreviewed
CVE-2021-34700 was published May 24, 2022
DEPSTECH WiFi Digital Microscope 3 has a default SSID of Jetion_xxxxxxxx with a password of... Moderate Unreviewed
CVE-2020-12732 was published May 24, 2022
Insufficiently Protected Credentials vulnerability exists in EcoStruxure Control Expert (all... Moderate Unreviewed
CVE-2021-22781 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database