GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,878
Composer 4,266
Erlang 31
GitHub Actions 21
Go 2,035
Maven 5,219
npm 3,732
NuGet 662
pip 3,413
Pub 12
RubyGems 891
Rust 865
Swift 36

Unreviewed advisories

All unreviewed 237,797

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

310 advisories

Filter by severity

Sort by

Least recently updated

Telegram before 7.4 (212543) Stable on macOS stores the local passcode in cleartext, leading to... Moderate Unreviewed

CVE-2021-27204 was published May 24, 2022

TP-Link Archer C5v 1.7_181221 devices allows remote attackers to retrieve cleartext credentials... Moderate Unreviewed

CVE-2021-27210 was published May 24, 2022

TP-Link's TL-WPA4220 4.0.2 Build 20180308 Rel.37064 does not use SSL by default. Attacker on the... Moderate Unreviewed

CVE-2021-28858 was published May 24, 2022

The ownCloud application before 2.15 for Android allows attackers to use adb to include a PIN... Moderate Unreviewed

CVE-2020-36248 was published May 24, 2022

An issue was discovered in Couchbase Server before 6.0.5, 6.1.x through 6.5.x before 6.5.2, and 6... Moderate Unreviewed

CVE-2021-25645 was published May 24, 2022

IBM Security Identity Manager 7.0.2 stores user credentials in plain clear text which can be read... Moderate Unreviewed

CVE-2021-29683 was published May 24, 2022

In Versa Director, the unencrypted backup files stored on the Versa deployment contain... Moderate Unreviewed

CVE-2018-16498 was published May 24, 2022

ZOLL Defibrillator Dashboard, v prior to 2.2, The affected products contain credentials stored in... Moderate Unreviewed

CVE-2021-27487 was published May 24, 2022

SafeNet KeySecure Management Console 8.12.0 is vulnerable to HTTP response splitting attacks. A... Moderate Unreviewed

CVE-2021-28979 was published May 24, 2022

OpenPGP secret keys that were imported using Thunderbird version 78.8.1 up to version 78.10.1... Moderate Unreviewed

CVE-2021-29956 was published May 24, 2022

An internal product security audit of Lenovo XClarity Controller (XCC) discovered that the XCC... Moderate Unreviewed

CVE-2021-3473 was published May 24, 2022

Wowza Streaming Engine through 4.8.5 (in a default installation) has cleartext passwords stored... Moderate Unreviewed

CVE-2021-31539 was published May 24, 2022

Dell EMC Unity, UnityVSA, and Unity XT versions prior to 5.0.7.0.5.008 contain a plain-text... Moderate Unreviewed

CVE-2021-21547 was published May 24, 2022

An issue has been discovered in GitLab affecting all versions starting from 11.6. Pull mirror... Moderate Unreviewed

CVE-2021-22206 was published May 24, 2022

In the xrdp package (in branches through 3.14) for Alpine Linux, RDP sessions are vulnerable to... Moderate Unreviewed

CVE-2021-36158 was published May 24, 2022

IBM Security Verify Access Docker 10.0.0 stores user credentials in plain clear text which can be... Moderate Unreviewed

CVE-2021-20510 was published May 24, 2022

The restricted shell provided by Akkadian Provisioning Manager Engine (PME) can be escaped by... Moderate Unreviewed

CVE-2021-31581 was published May 24, 2022

The Portal Workflow module in Liferay Portal 7.3.2 and earlier, and Liferay DXP 7.0 before fix... Moderate Unreviewed

CVE-2021-33325 was published May 24, 2022

UCWeb UC 12.12.3.1219 through 12.12.3.1226 uses cleartext HTTP, and thus man-in-the-middle... Moderate Unreviewed

CVE-2020-36473 was published May 24, 2022

A flaw was found in openstack-tripleo-heat-templates. Plain passwords from RHSM exist in the logs... Moderate Unreviewed

CVE-2021-3585 was published Aug 27, 2022

An issue was discovered in PrimeKey EJBCA before 7.6.0. When audit logging changes to the alias... Moderate Unreviewed

CVE-2021-40087 was published May 24, 2022

The vulnerability could expose cleartext credentials from AVEVA InTouch Runtime 2020 R2 and all... Moderate Unreviewed

CVE-2021-32942 was published May 24, 2022

Generated Support Bundles contains private S/MIME and PGP keys if containing folder is not hidden... Moderate Unreviewed

CVE-2021-36096 was published May 24, 2022

An issue obscuring passwords in screenshots was addressed with improved logic. This issue is... Moderate Unreviewed

CVE-2021-1865 was published May 24, 2022

Cleartext Storage of Sensitive Information in Memory vulnerability in Gallagher Command Centre... Moderate Unreviewed

CVE-2021-23182 was published May 24, 2022

Previous 1 2 3 4 5 6 … 12 13 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

310 advisories