Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

387 advisories

Loading
The F5 BIG-IP Controller for Kubernetes 1.0.0-1.5.0 (k8s-bigip-crtl) passes BIG-IP username and... High Unreviewed
CVE-2018-5543 was published May 13, 2022
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11... High Unreviewed
CVE-2018-4190 was published May 13, 2022
An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue... High Unreviewed
CVE-2018-4170 was published May 13, 2022
ChipsBank UMPTool saves the password to the NAND with a simple substitution cipher, which allows... High Unreviewed
CVE-2018-19795 was published May 13, 2022
Squash TM through 1.18.0 presents the cleartext passwords of external services in the... High Unreviewed
CVE-2018-16987 was published May 13, 2022
IBM Security Guardium Big Data Intelligence (SonarG) 3.1 stores user credentials in plain in... High Unreviewed
CVE-2018-1377 was published May 13, 2022
Storing password in recoverable format in safensec.com (SysWatch service) in SAFE'N'SEC... High Unreviewed
CVE-2018-13014 was published May 13, 2022
Previous releases of the Puppet device_manager module creates configuration files containing... High Unreviewed
CVE-2018-11748 was published May 13, 2022
Plaintext Storage of Passwords within Cookies in /var/www/xms/application/controllers/verifyLogin... High Unreviewed
CVE-2018-11639 was published May 13, 2022
Plaintext Storage of Passwords in the administrative console in Dialogic PowerMedia XMS before 3... High Unreviewed
CVE-2018-11634 was published May 13, 2022
Synametrics SynaMan 4.0 build 1488 uses cleartext password storage for SMTP credentials. High Unreviewed
CVE-2018-10814 was published May 13, 2022
An authentication weakness vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow... High Unreviewed
CVE-2018-10355 was published May 13, 2022
PrinterOn Enterprise 4.1.3 stores the Active Directory bind credentials using base64 encoding,... High Unreviewed
CVE-2018-10327 was published May 13, 2022
The Ericsson-LG iPECS NMS A.1Ac web application discloses sensitive information such as the NMS... High Unreviewed
CVE-2018-10286 was published May 13, 2022
Jenkins Configuration as Code Plugin has Insufficiently Protected Credentials High
CVE-2018-1000610 was published for io.jenkins:configuration-as-code (Maven) May 13, 2022
AWS CodeDeploy Plugin stored AWS Secret Key in plain text High
CVE-2018-1000403 was published for com.amazonaws:codedeploy (Maven) May 13, 2022
westonsteimel
Jenkins AWS CodePipeline Plugin has Insufficiently Protected Credentials High
CVE-2018-1000401 was published for com.amazonaws:aws-codepipeline (Maven) May 13, 2022
Insufficiently Protected Credentials in Jenkins AWS CodeBuild Plugin High
CVE-2018-1000404 was published for com.amazonaws:aws-codebuild (Maven) May 13, 2022
Windows 10 version 1607 and Windows Server 2016 allow an elevation of privilege vulnerability due... High Unreviewed
CVE-2018-0828 was published May 13, 2022
kedpm 0.5 and 1.0 creates a history file in ~/.kedpm/history that is written in cleartext. All of... High Unreviewed
CVE-2017-8296 was published May 13, 2022
Wireless IP Camera (P2P) WIFICAM devices have an "Apple Production IOS Push Services" private RSA... High Unreviewed
CVE-2017-8222 was published May 13, 2022
PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to... High Unreviewed
CVE-2017-7547 was published May 13, 2022
An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is affected by plaintext password... High Unreviewed
CVE-2017-6528 was published May 13, 2022
Insufficient protection of password storage in system firmware for Intel NUC7i3BNK, NUC7i3BNH,... High Unreviewed
CVE-2017-5700 was published May 13, 2022
IBM Cognos Analytics 11.0 could store cached credentials locally that could be obtained by a... High Unreviewed
CVE-2017-1779 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database