GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
641 advisories
Sensitive Information Stored in Clear Text in Moxa ThingsPro IIoT Gateway and Device Management...
Critical | Unreviewed | CVE-2018-18394 was published May 13, 2022

An issue was discovered in the MakeMyTrip application 7.2.4 for Android. The databases (locally...
Moderate | Unreviewed | CVE-2018-11242 was published May 13, 2022

The Bitpie application through 3.2.4 for Android and iOS uses cleartext storage for digital...
Moderate | Unreviewed | CVE-2018-10812 was published May 13, 2022

The Files APP 7.1.1.308 and earlier versions in some Huawei mobile phones has a vulnerability of...
Moderate | Unreviewed | CVE-2017-2723 was published May 13, 2022

The "Photo,Video Locker-Calculator" application 12.0 for Android has android:allowBackup="true"...
High | Unreviewed | CVE-2017-16835 was published May 13, 2022

WordPress 4.8.2 stores cleartext wp_signups.activation_key values (but stores the analogous...
Moderate | Unreviewed | CVE-2017-14990 was published May 13, 2022

Encryption key exposure in firmware in iSmartAlarm CubeOne version 2.2.4.8 and earlier allows...
High | Unreviewed | CVE-2017-13663 was published May 13, 2022

IBM InfoSphere Master Data Management Server 11.0 - 11.6 stores user credentials in plain in...
High | Unreviewed | CVE-2017-1309 was published May 13, 2022

In version 6.1.0.19 and prior of Wink Labs's Wink - Smart Home Android app, the OAuth token used...
Critical | Unreviewed | CVE-2017-5249 was published May 13, 2022

In version 1.9.7 and prior of Insteon's Insteon for Hub Android app, the OAuth token used by the...
Critical | Unreviewed | CVE-2017-5250 was published May 13, 2022

A Cleartext Storage of Sensitive Information issue was discovered in General Motors (GM) and...
High | Unreviewed | CVE-2017-9663 was published May 13, 2022

A vulnerability in the Policy and Charging Rules Function (PCRF) of the Cisco Policy Suite (CPS)...
High | Unreviewed | CVE-2018-0089 was published May 13, 2022

389-ds-base before versions 1.3.8.5, 1.4.0.12 is vulnerable to a Cleartext Storage of Sensitive...
High | Unreviewed | CVE-2018-10871 was published May 13, 2022

EasyLobby Solo could allow a local attacker to obtain sensitive information, caused by the...
Moderate | Unreviewed | CVE-2018-17489 was published May 13, 2022

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a local attacker to obtain...
Moderate | Unreviewed | CVE-2018-1621 was published May 13, 2022

IBM Robotic Process Automation with Automation Anywhere 11 could store highly sensitive...
High | Unreviewed | CVE-2018-1877 was published May 13, 2022

In Rapid7 Komand version 0.41.0 and prior, certain endpoints that are able to list the always...
Moderate | Unreviewed | CVE-2018-5559 was published May 13, 2022

The Milwaukee ONE-KEY Android mobile application stores the master token in plaintext in the apk...
High | Unreviewed | CVE-2017-3214 was published May 13, 2022

An exposed debugging endpoint in the browser in Google Chrome on Android prior to 72.0.3626.81...
Moderate | Unreviewed | CVE-2019-5765 was published May 13, 2022

Data Leakage Attacks vulnerability in the web portal component when in an MDR pair in McAfee...
Moderate | Unreviewed | CVE-2019-3606 was published May 13, 2022

Information Disclosure vulnerability in McAfee DXL Platform and TIE Server in DXL prior to 5.0.1...
Moderate | Unreviewed | CVE-2019-3612 was published May 13, 2022

The .NET SDK WebForm Viewer in SAP Crystal Reports for Visual Studio (fixed in version 2010)...
Critical | Unreviewed | CVE-2019-0285 was published May 13, 2022

Avast Free Antivirus prior to 19.1.2360 stores user credentials in memory upon login, which...
High | Unreviewed | CVE-2018-12572 was published May 13, 2022

Pilz PNOZmulti Configurator prior to version 10.9 allows an authenticated attacker with local...
High | Unreviewed | CVE-2018-19009 was published May 13, 2022

Medtronic CareLink 2090 Programmer CareLink 9790 Programmer 29901 Encore Programmer, all versions...
Moderate | Unreviewed | CVE-2018-18984 was published May 13, 2022

ProTip! Advisories are also available from the GraphQL API