Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

184 advisories

Loading
A flaw was found in Quay, where Quay's database is stored in plain text in mirror-registry on... High Unreviewed
CVE-2024-3625 was published Apr 25, 2024
A flaw was found in how Quay's database is stored in plain-text in mirror-registry on the jinja's... High Unreviewed
CVE-2024-3624 was published Apr 25, 2024
A flaw was found when using mirror-registry to install Quay. It uses a default secret, which is... High Unreviewed
CVE-2024-3622 was published Apr 25, 2024
A flaw was found when using mirror-registry to install Quay. It uses a default database secret... High Unreviewed
CVE-2024-3623 was published Apr 25, 2024
Plaintext storage of a password issue exists in BUFFALO wireless LAN routers, which may allow a... Critical Unreviewed
CVE-2024-23486 was published Apr 15, 2024
IBM QRadar Suite Software 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0... Moderate Unreviewed
CVE-2024-28782 was published Apr 3, 2024
In AutomationDirect C-MORE EA9 HMI, credentials used by the platform are stored as plain text... Moderate Unreviewed
CVE-2024-25138 was published Mar 27, 2024
IBM Storage Defender - Resiliency Service 2.0 stores user credentials in plain clear text which... Moderate Unreviewed
CVE-2024-22312 was published Feb 10, 2024
Plaintext Storage of a Password vulnerability in Mia Technology Inc. MİA-MED allows Read... High Unreviewed
CVE-2023-6518 was published Feb 8, 2024
IBM Security Access Manager Container 10.0.0.0 through 10.0.6.1 temporarily stores sensitive... Moderate Unreviewed
CVE-2023-31002 was published Feb 7, 2024
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product stores... Moderate Unreviewed
CVE-2024-21869 was published Feb 2, 2024
Networker 19.9 and all prior versions contains a Plain-text Password stored in temporary config... High Unreviewed
CVE-2024-22432 was published Jan 25, 2024
Dell DM5500 5.14.0.0, contain a Plain-text Password Storage Vulnerability in PPOE. A local... Moderate Unreviewed
CVE-2023-44300 was published Dec 4, 2023
Clear Text Credentials Exposed via Onboarding Task Moderate
CVE-2023-48700 was published for nautobot-device-onboarding (pip) Nov 21, 2023
whitej6 jeffkala
bryanculver scetron glennmatthews
EisBaer Scada - CWE-256: Plaintext Storage of a Password Critical Unreviewed
CVE-2023-42493 was published Oct 25, 2023
Eaton easySoft software is used to program easy controllers and displays for configuring,... Moderate Unreviewed
CVE-2023-43777 was published Oct 17, 2023
SnapGathers versions prior to 4.9 are susceptible to a vulnerability which could allow a local... Moderate Unreviewed
CVE-2023-27315 was published Oct 12, 2023
** UNSUPPPORTED WHEN ASSIGNED ** The web application stores credentials in clear text in the ... Moderate Unreviewed
CVE-2022-47561 was published Sep 20, 2023
** UNSUPPPORTED WHEN ASSIGNED ** The web application that owns the device clearly... High Unreviewed
CVE-2023-39452 was published Sep 18, 2023
A flaw was found in OpenStack. Multiple components show plain-text passwords in /var/log/messages... High Unreviewed
CVE-2022-3261 was published Sep 15, 2023
A vulnerability was found in didi KnowSearch 0.3.2/0.3.1.2. It has been rated as problematic.... Moderate Unreviewed
CVE-2023-4984 was published Sep 15, 2023
A password management vulnerability in Skyhigh Secure Web Gateway (SWG) in main releases 11.x... Moderate Unreviewed
CVE-2023-4400 was published Sep 13, 2023
Keycloak vulnerable to Plaintext Storage of User Password High
CVE-2023-4918 was published for org.keycloak:keycloak-core (Maven) Sep 12, 2023
dasniko lme-atolcd
?Softneta MedDream PACS stores usernames and passwords in plaintext. The plaintext storage could... High Unreviewed
CVE-2023-39227 was published Sep 11, 2023
Plaintext Storage of a Password vulnerability in Infodrom Software E-Invoice Approval System... High Unreviewed
CVE-2023-35067 was published Jul 25, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database