GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,990
Composer 4,293
Erlang 31
GitHub Actions 21
Go 2,061
Maven 5,239
npm 3,744
NuGet 668
pip 3,423
Pub 12
RubyGems 892
Rust 875
Swift 36

Unreviewed advisories

All unreviewed 239,529

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

153 advisories

Filter by severity

Sort by

Least recently updated

The Motorola MOSCAD Toolbox software through 2022-05-02 relies on a cleartext password. It... High Unreviewed

CVE-2022-30275 was published Jul 27, 2022

LibreOffice supports the storage of passwords for web connections in the user’s configuration... High Unreviewed

CVE-2022-26307 was published Jul 26, 2022

The debug interface of Goldshell ASIC Miners v2.2.1 and below was discovered to be exposed... High Unreviewed

CVE-2022-24660 was published Jul 21, 2022

Browsing the path: http://ip/wifi_ap_pata_get.cmd, will show in the name of the existing access... High Unreviewed

CVE-2022-30626 was published Jul 19, 2022

ASG technologies ( A Rocket Software Company) ASG-Zena Cross Platform Server Enterprise Edition 4... High Unreviewed

CVE-2021-45025 was published Jun 18, 2022

ECOA BAS controller stores sensitive data (backup exports) in clear-text, thus the... High Unreviewed

CVE-2021-41302 was published May 24, 2022

Backup file without encryption vulnerability is found in Hitachi ABB Power Grids System Data... High Unreviewed

CVE-2021-35526 was published May 24, 2022

An issue was discovered in OpenGamePanel OGP-Agent-Linux through 2021-08-14. $HOME/OGP/Cfg/Config... High Unreviewed

CVE-2021-37157 was published May 24, 2022

A password mismanagement situation exists in XoruX LPAR2RRD and STOR2RRD before 7.30 because... High Unreviewed

CVE-2021-42370 was published May 24, 2022

Delta Electronics DIALink versions 1.2.4.0 and prior stores sensitive information in cleartext,... High Unreviewed

CVE-2021-38422 was published May 24, 2022

metakv in Couchbase Server 7.0.0 uses Cleartext for Storage of Sensitive Information. Remote... High Unreviewed

CVE-2021-37842 was published May 24, 2022

Couchbase Server before 6.6.3 and 7.x before 7.0.2 stores Sensitive Information in Cleartext. The... High Unreviewed

CVE-2021-42763 was published May 24, 2022

Exposure of senstive information to an unauthorised actor in the "com.onepeloton.erlich" mobile... High Unreviewed

CVE-2021-40527 was published May 24, 2022

Incorrect Access Control in Autumn v1.0.4 and earlier allows remote attackers to obtain clear... High Unreviewed

CVE-2020-19137 was published May 24, 2022

In Octopus Server after version 2018.8.2 if the Octopus Server Web Request Proxy is configured... High Unreviewed

CVE-2021-31820 was published May 24, 2022

An information disclosure vulnerability exists in the EPA protocol of Dut Computer Control... High Unreviewed

CVE-2020-18759 was published May 24, 2022

In JetBrains TeamCity before 2021.1, passwords in cleartext sometimes could be stored in VCS. High Unreviewed

CVE-2021-37548 was published May 24, 2022

The Dynamic Data Mapping module in Liferay Portal 7.1.0 through 7.3.2, and Liferay DXP 7.1 before... High Unreviewed

CVE-2021-33323 was published May 24, 2022

An issue was discovered in Xuperchain 3.6.0 that allows for attackers to recover any arbitrary... High Unreviewed

CVE-2020-22741 was published May 24, 2022

The MagicMotion Flamingo 2 application for Android stores data on an sdcard under com.vt... High Unreviewed

CVE-2020-12731 was published May 24, 2022

When configuring Octopus Server if it is configured with an external SQL database, on initial... High Unreviewed

CVE-2021-31817 was published May 24, 2022

When configuring Octopus Server if it is configured with an external SQL database, on initial... High Unreviewed

CVE-2021-31816 was published May 24, 2022

Thunderbird unprotects a secret OpenPGP key prior to using it for a decryption, signing or key... High Unreviewed

CVE-2021-29950 was published May 24, 2022

The DLink Router DIR-895L MFC v1.21b05 is vulnerable to credentials disclosure in telnet service... High Unreviewed

CVE-2020-29324 was published May 24, 2022

An issue was discovered in Couchbase Server 5.x and 6.x through 6.6.1 and 7.0.0 Beta. Incorrect... High Unreviewed

CVE-2021-25644 was published May 24, 2022

Previous 1 2 3 4 5 6 7 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

153 advisories