GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
335 advisories
Filter by severity
Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.1.0.0.5.394 contain a plain-text...
Moderate
Unreviewed
CVE-2021-21590
was published
May 24, 2022
Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.1.0.0.5.394 contain a plain-text...
Moderate
Unreviewed
CVE-2021-21591
was published
May 24, 2022
In Zoho ManageEngine Password Manager Pro before 11.1 build 11104, attackers are able to retrieve...
Moderate
Unreviewed
CVE-2021-31857
was published
May 24, 2022
A vulnerability in the installer software of Cisco ThousandEyes Recorder could allow an...
Moderate
Unreviewed
CVE-2021-1537
was published
May 24, 2022
A flaw was found in Red Hat Quay, where it does not properly protect the authorization token when...
Moderate
Unreviewed
CVE-2020-27831
was published
May 24, 2022
The Tableau integration in RSA Archer 6.4 P1 (6.4.0.1) through 6.9 P2 (6.9.0.2) is affected by an...
Moderate
Unreviewed
CVE-2021-29253
was published
May 24, 2022
In Versa Director, Versa Analytics and VOS, Passwords are not hashed using an adaptive...
Moderate
Unreviewed
CVE-2019-25030
was published
May 24, 2022
A remote disclosure of privileged information vulnerability was discovered in Aruba ClearPass...
Moderate
Unreviewed
CVE-2021-29138
was published
May 24, 2022
Cloud Controller API versions prior to 1.106.0 logs service broker credentials if the default...
Moderate
Unreviewed
CVE-2021-22115
was published
May 24, 2022
A flaw was found in atomic-openshift of openshift-4.2 where the basic-user RABC role in OpenShift...
Moderate
Unreviewed
CVE-2019-10225
was published
May 24, 2022
The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to obtain...
Moderate
Unreviewed
CVE-2020-35454
was published
May 24, 2022
PFX Encryption Security Feature Bypass Vulnerability
Moderate
Unreviewed
CVE-2021-1731
was published
May 24, 2022
IBM Maximo for Civil Infrastructure 7.6.2 could allow a user to obtain sensitive information due...
Moderate
Unreviewed
CVE-2021-20445
was published
May 24, 2022
A flaw was found in the GNOME Control Center in Red Hat Enterprise Linux 8 versions prior to 8.2,...
Moderate
Unreviewed
CVE-2020-14391
was published
May 24, 2022
1Password SCIM Bridge before 1.6.2 mishandles validation of requests for log files.
Moderate
Unreviewed
CVE-2021-26905
was published
May 24, 2022
An issue was discovered in Epikur before 20.1.1. It stores the secret passwords of the users as...
Moderate
Unreviewed
CVE-2020-10538
was published
May 24, 2022
An issue was discovered in New Media Smarty before 9.10. Passwords are stored in the database in...
Moderate
Unreviewed
CVE-2020-10375
was published
May 24, 2022
Within the Open-AudIT up to version 3.5.3 application, the web interface hides SSH secrets,...
Moderate
Unreviewed
CVE-2021-3130
was published
May 24, 2022
SOOIL Developments CoLtd DiabecareRS, AnyDana-i ,AnyDana-A, communication protocol of the insulin...
Moderate
Unreviewed
CVE-2020-27270
was published
May 24, 2022
The My AIA SG application 1.2.6 for Android allows attackers to obtain user credentials via...
Moderate
Unreviewed
CVE-2020-29598
was published
May 24, 2022
The Junos Space Network Management Platform has been found to store shared secrets in a...
Moderate
Unreviewed
CVE-2021-0220
was published
May 24, 2022
An Information Exposure vulnerability in Juniper Networks Contrail Networking allows a locally...
Moderate
Unreviewed
CVE-2021-0212
was published
May 24, 2022
A vulnerability in the storage of proxy server credentials of Cisco Firepower Management Center ...
Moderate
Unreviewed
CVE-2021-1126
was published
May 24, 2022
IBM Security Guardium Insights 2.0.2 stores user credentials in plain in clear text which can be...
Moderate
Unreviewed
CVE-2020-4602
was published
May 24, 2022
SAP GUI for Windows, version - 7.60, allows an attacker to spoof logon credentials for...
Moderate
Unreviewed
CVE-2021-21448
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API