Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

640 advisories

Loading
An issue was discovered in TSplus Remote Access through 16.0.2.14. Credentials are stored as... Critical Unreviewed
CVE-2023-31069 was published Sep 11, 2023
A password management vulnerability in Skyhigh Secure Web Gateway (SWG) in main releases 11.x... Moderate Unreviewed
CVE-2023-4400 was published Sep 13, 2023
A cleartext storage of sensitive information vulnerability [CWE-312] in FortiTester 2.3.0 through... Moderate Unreviewed
CVE-2023-40715 was published Sep 13, 2023
Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.5.0.0 and 9.3.0.4,... Moderate Unreviewed
CVE-2023-2358 was published Sep 27, 2023
A flaw was found in Red Hat's AMQ Broker, which stores certain passwords in a secret security... Moderate Unreviewed
CVE-2023-4066 was published Sep 27, 2023
The BIG-IP and BIG-IQ systems do not encrypt some sensitive information written to Database (DB)... Moderate Unreviewed
CVE-2023-41964 was published Oct 10, 2023
An issue in ZPE Systems, Inc Nodegrid OS v.5.8.10 thru v.5.8.13 and v.5.10.3 thru v.5.10.5 allows... High Unreviewed
CVE-2023-44037 was published Oct 14, 2023
MiR controllers across firmware versions 2.8.1.1 and before do not encrypt or protect in any way... High Unreviewed
CVE-2020-10273 was published May 24, 2022
Brocade SANnav before v2.3.0 and v2.2.2a stores SNMPv3 Authentication passwords in plaintext. A... Moderate Unreviewed
CVE-2023-31925 was published Aug 31, 2023
PowerPath for Windows, versions 7.0, 7.1 & 7.2 contains License Key Stored in Cleartext... Moderate Unreviewed
CVE-2023-32448 was published May 30, 2023
Electrolink transmitters store credentials in clear-text. Use of these credentials could allow... High Unreviewed
CVE-2024-3742 was published Apr 19, 2024
Sentry vulnerable to leaking superuser cleartext password in logs High
CVE-2024-32474 was published for sentry (pip) Apr 18, 2024
lluuaapp
A vulnerability classified as problematic was found in Netgear DG834Gv5 1.6.01.34. This... Low Unreviewed
CVE-2024-4235 was published Apr 26, 2024
NETGEAR RAX30 Device Configuration Cleartext Storage Information Disclosure Vulnerability. This... Moderate Unreviewed
CVE-2023-27370 was published May 3, 2024
UltraLog Express device management software stores user’s information in cleartext. Any user can... Moderate Unreviewed
CVE-2020-3921 was published May 24, 2022
Password confirmation stored in plain text via registration form in statamic/cms Low
CVE-2024-36119 was published for statamic/cms (Composer) Jun 2, 2024
A vulnerability exists in the Intelligent Electronic Device (IED) Connectivity Package (ConnPack)... Moderate Unreviewed
CVE-2022-2513 was published Jul 6, 2023
A vulnerability exists in the FOXMAN-UN/UNEM in which sensitive information is stored in... Low Unreviewed
CVE-2024-28024 was published Jun 11, 2024
Password exposure in H2 Database High
CVE-2022-45868 was published for com.h2database:h2 (Maven) Nov 23, 2022
mrjonstrong pjfanning
amita-seal
The Kiuwan Local Analyzer (KLA) Java scanning application contains several hard-coded secrets in... High Unreviewed
CVE-2023-49113 was published Jun 20, 2024
The decrypted configuration file contains the password in cleartext which is used to configure... Critical Unreviewed
CVE-2024-36497 was published Jun 24, 2024
IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0... Moderate Unreviewed
CVE-2024-25023 was published Jul 10, 2024
Plaintext vulnerability in the Gallery search module. Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2024-39674 was published Jul 25, 2024
An issue was discovered in Italtel Embrace 1.6.4. The web application inserts cleartext passwords... Moderate Unreviewed
CVE-2024-31840 was published May 21, 2024
Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an... High Unreviewed
CVE-2020-29583 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database