GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
147 advisories
Sme.UP ERP TOKYO V6R1M220406 was discovered to contain an information disclosure vulnerability...
High | Unreviewed | CVE-2023-26760 was published Feb 27, 2023

IBM QRadar SIEM 7.4 and 7.5 is vulnerable to information exposure allowing a non-tenant user with...
High | Unreviewed | CVE-2022-34351 was published Feb 17, 2023

IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 could allow a remote attacker to obtain sensitive...
High | Unreviewed | CVE-2022-41734 was published Feb 17, 2023

Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs ...
High | Unreviewed | CVE-2022-34388 was published Feb 11, 2023

Phicomm K2 v22.6.534.263 was discovered to store the root and admin passwords in plaintext.
High | Unreviewed | CVE-2022-48071 was published Jan 27, 2023

Phicomm K2 v22.6.534.263 was discovered to store the root and admin passwords in plaintext.
High | Unreviewed | CVE-2022-48073 was published Jan 27, 2023

In DPA 2022.4 and older releases, generated heap memory dumps contain sensitive information in...
High | Unreviewed | CVE-2022-38112 was published Jan 20, 2023

An issue was discovered in WeCube Platform 3.2.2. Cleartext passwords are displayed in the...
High | Unreviewed | CVE-2022-37785 was published Jan 1, 2023

IXPdata EasyInstall 6.6.14725 contains an access control issue.
High | Unreviewed | CVE-2022-35120 was published Dec 2, 2022

The /device/signin end-point for the Ourphoto App version 1.4.1 discloses clear-text password...
High | Unreviewed | CVE-2022-24188 was published Nov 29, 2022

Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GX Works3 all...
High | Unreviewed | CVE-2022-25164 was published Nov 25, 2022

Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GX Works3...
High | Unreviewed | CVE-2022-29826 was published Nov 25, 2022

The PassWork extension 5.0.9 for Chrome and other browsers allows an attacker to obtain the...
High | Unreviewed | CVE-2022-42956 was published Nov 7, 2022

The PassWork extension 5.0.9 for Chrome and other browsers allows an attacker to obtain cleartext...
High | Unreviewed | CVE-2022-42955 was published Nov 7, 2022

The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190...
High | Unreviewed | CVE-2022-2739 was published Sep 2, 2022

Apache OpenOffice supports the storage of passwords for web connections in the user's...
High | Unreviewed | CVE-2022-37401 was published Aug 16, 2022

A vulnerability, which was classified as problematic, was found in SourceCodester Guest...
High | Unreviewed | CVE-2022-2813 was published Aug 16, 2022

Dell Wyse Management Suite 3.6.1 and below contains a Plain-text Password Storage Vulnerability...
High | Unreviewed | CVE-2022-33928 was published Aug 11, 2022

Lanling OA Landray Office Automation (OA) internal patch number #133383/#137780 contains an...
High | Unreviewed | CVE-2022-34924 was published Aug 3, 2022

The Motorola MOSCAD Toolbox software through 2022-05-02 relies on a cleartext password. It...
High | Unreviewed | CVE-2022-30275 was published Jul 27, 2022

LibreOffice supports the storage of passwords for web connections in the user’s configuration...
High | Unreviewed | CVE-2022-26307 was published Jul 26, 2022

The debug interface of Goldshell ASIC Miners v2.2.1 and below was discovered to be exposed...
High | Unreviewed | CVE-2022-24660 was published Jul 21, 2022

Browsing the path: http://ip/wifi_ap_pata_get.cmd, will show in the name of the existing access...
High | Unreviewed | CVE-2022-30626 was published Jul 19, 2022

ASG technologies (A Rocket Software Company) ASG-Zena Cross Platform Server Enterprise Edition 4...
High | Unreviewed | CVE-2021-45025 was published Jun 18, 2022

ECOA BAS controller stores sensitive data (backup exports) in clear-text, thus the...
High | Unreviewed | CVE-2021-41302 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API.