Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,154
NuGet
736
pip
3,953
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

641 advisories

Loading
Amazon AWS SDK <=2.8.5 for Android uses Android SharedPreferences to store plain text AWS STS... High Unreviewed
CVE-2018-19981 was published May 13, 2022
The SSL layer of the HTTPS service in Siemens RuggedCom ROS before 4.2.0 and ROX II does not... Moderate Unreviewed
CVE-2015-5537 was published May 13, 2022
Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to discover cleartext... High Unreviewed
CVE-2016-0876 was published May 13, 2022
In a certain atypical IBM Spectrum Protect 7.1 and 8.1 configurations, the node password could be... Moderate Unreviewed
CVE-2018-1882 was published May 13, 2022
During an update of SAP BusinessObjects Enterprise, Central Management Server (CMS) - versions... High Unreviewed
CVE-2022-28214 was published May 12, 2022
Brocade SANnav before version SANnav 2.2.0 logs the REST API Authentication token in plain text. Low Unreviewed
CVE-2022-28162 was published May 10, 2022
1Password for Mac 7.2.4 through 7.9.x before 7.9.3 is vulnerable to a process validation bypass.... Moderate Unreviewed
CVE-2022-29868 was published May 10, 2022
SanDisk Cruzer Enterprise USB flash drives use a fixed 256-bit key for obtaining access to the... Moderate Unreviewed
CVE-2010-0225 was published May 2, 2022
The Huawei D100 stores the administrator's account name and password in cleartext in a cookie,... Moderate Unreviewed
CVE-2009-2272 was published May 2, 2022
src/tools/pkcs11-tool.c in pkcs11-tool in OpenSC 0.11.7, when used with unspecified third-party... Moderate Unreviewed
CVE-2009-1603 was published May 2, 2022
Application Access Server (A-A-S) 2.0.48 stores (1) passwords and (2) the port keyword in... Low Unreviewed
CVE-2009-1466 was published May 2, 2022
UserView_list.php in PHPRunner 4.2, and possibly earlier, stores passwords in cleartext in the... Moderate Unreviewed
CVE-2009-0964 was published May 2, 2022
iChat in Apple Mac OS X 10.5 before 10.5.7 disables SSL for AOL Instant Messenger (AIM)... Moderate Unreviewed
CVE-2009-0152 was published May 2, 2022
phpMyAdmin before 2.11.5.1 stores the MySQL (1) username and (2) password, and the (3) Blowfish... Low Unreviewed
CVE-2008-1567 was published May 1, 2022
GE Fanuc Proficy Real-Time Information Portal 2.6 and earlier uses HTTP Basic Authentication,... Moderate Unreviewed
CVE-2008-0174 was published May 1, 2022
Mobile Spy (1) stores login credentials in cleartext under the RetinaxStudios registry key, and ... Moderate Unreviewed
CVE-2007-5778 was published May 1, 2022
Capturix ScanShare 1.06 build 50 stores sensitive information such as the password in cleartext... Low Unreviewed
CVE-2005-2209 was published May 1, 2022
IMail stores usernames and passwords in cleartext in a cookie, which allows remote attackers to... Moderate Unreviewed
CVE-2005-2160 was published May 1, 2022
D-Link DSL-504T stores usernames and passwords in cleartext in the router configuration file,... High Unreviewed
CVE-2005-1828 was published May 1, 2022
phpRank 1.8 stores the administrative password in plaintext on the server and in the "ap" cookie,... Moderate Unreviewed
CVE-2002-1800 was published Apr 30, 2022
Microsoft Outlook plug-in PGP version 7.0, 7.0.3, and 7.0.4 silently saves a decrypted copy of a... Low Unreviewed
CVE-2002-1696 was published Apr 30, 2022
Autogalaxy stores usernames and passwords in cleartext in cookies, which makes it easier for... Moderate Unreviewed
CVE-2001-1536 was published Apr 30, 2022
The default "basic" security setting' in config.php for TWIG webmail 2.7.4 and earlier stores... Moderate Unreviewed
CVE-2001-1537 was published Apr 30, 2022
Xitami 2.4 through 2.5 b4 stores the Administrator password in plaintext in the default.aut file,... High Unreviewed
CVE-2001-1481 was published Apr 30, 2022
The web-based Management Console in Blue Coat Security Gateway OS 3.0 through 3.1.3.13 and 3.2.1,... Moderate Unreviewed
CVE-2004-2397 was published Apr 29, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database