GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
38 advisories
Filter by severity
The SyncThru Web Service on Samsung SCX-6x55X printers allows an attacker to gain access to a...
High
Unreviewed
CVE-2021-42913
was published
Dec 21, 2021
In JetBrains TeamCity before 2021.2.3, environment variables of the "password" type could be...
High
Unreviewed
CVE-2022-25264
was published
Feb 26, 2022
Dahua IP Camera devices 3.200.0001.6 can be exploited via these steps: 1. Use the default low...
High
Unreviewed
CVE-2017-7253
was published
May 13, 2022
The iOS mobile application BlueCats Reveal before 5.14 stores the username and password in the...
High
Unreviewed
CVE-2019-5627
was published
May 24, 2022
The Android mobile application BlueCats Reveal before 3.0.19 stores the username and password in...
High
Unreviewed
CVE-2019-5626
was published
May 24, 2022
An issue was discovered in Gradle Enterprise 2017.1 - 2020.2.4. Unrestricted access to a high...
High
Unreviewed
CVE-2020-15775
was published
May 24, 2022
Sectona Spectra before 3.4.0 has a vulnerable SOAP API endpoint that leaks sensitive information...
High
Unreviewed
CVE-2020-25966
was published
May 24, 2022
In JetBrains TeamCity before 2020.2, an ECR token could be exposed in a build's parameters.
High
Unreviewed
CVE-2021-25776
was published
May 24, 2022
In SolarWinds Serv-U before 15.2.2 Hotfix 1, there is a directory containing user profile files ...
High
Unreviewed
CVE-2021-25276
was published
May 24, 2022
Citrix Cloud Connector before 6.31.0.62192 suffers from insecure storage of sensitive information...
High
Unreviewed
CVE-2021-22914
was published
May 24, 2022
Certain NetModule devices have Insecure Password Handling (cleartext or reversible encryption),...
High
Unreviewed
CVE-2021-39289
was published
May 24, 2022
A vulnerability involving insecure storage of sensitive information has been reported to affect...
High
Unreviewed
CVE-2021-28813
was published
May 24, 2022
For ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6...
High
Unreviewed
CVE-2020-8481
was published
May 24, 2022
In Brocade SANnav before Brocade SANnav v2.2.0.2 and Brocade SANnav2.1.1.8, encoded scp-server...
High
Unreviewed
CVE-2022-28168
was published
Jun 28, 2022
Torguard VPN 4.8, has a vulnerability that allows an attacker to dump sensitive information, such...
High
Unreviewed
CVE-2022-37835
was published
Sep 13, 2022
Incorrect Access Control issue discovered in KiteCMS 1.1 allows remote attackers to view...
High
Unreviewed
CVE-2021-36546
was published
Feb 3, 2023
Insecure storage of sensitive information in the Intel(R) DCM software before version 5.1 may...
High
Unreviewed
CVE-2022-44619
was published
May 10, 2023
Insecure storage of sensitive information in the Intel(R) DCM software before version 5.1 may...
High
Unreviewed
CVE-2022-43475
was published
May 10, 2023
Insecure Storage of Sensitive Information vulnerability in Jose Mortellaro Freesoul Deactivate...
High
Unreviewed
CVE-2023-22687
was published
Jul 6, 2023
Information disclosure in password protected surveys in Data Illusion Survey Software Solutions...
High
Unreviewed
CVE-2022-46484
was published
Aug 2, 2023
A vulnerability has been identified in QMS Automotive (All versions < V12.39). The QMS.Mobile...
High
Unreviewed
CVE-2023-40728
was published
Sep 14, 2023
Insecure storage of sensitive information in Wing FTP Server (User Web Client) allows information...
High
Unreviewed
CVE-2023-37879
was published
Sep 15, 2023
** UNSUPPPORTED WHEN ASSIGNED **
Sending some requests in the web application of the...
High
Unreviewed
CVE-2023-41965
was published
Sep 18, 2023
A Insecure Storage of Sensitive Information vulnerability in openSUSE opensuse-welcome allows...
High
Unreviewed
CVE-2023-32184
was published
Sep 19, 2023
IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 is vulnerable to...
High
Unreviewed
CVE-2023-45182
was published
Dec 14, 2023
ProTip!
Advisories are also available from the
GraphQL API