Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

640 advisories

Loading
Passwords stored in plain text by ElasTest Plugin Moderate
CVE-2020-2274 was published for org.jenkins-ci.plugins:elastest (Maven) May 24, 2022
NotMyFault
A cleartext storage of sensitive information in Nextcloud Desktop Client 2.6.4 gave away... High Unreviewed
CVE-2020-8225 was published May 24, 2022
The installation procedure in BigBlueButton before 2.2.28 (or earlier) uses ClueCon as the... High Unreviewed
CVE-2020-27613 was published May 24, 2022
A cleartext storage of sensitive information vulnerability in FortiOS command line interface in... Moderate Unreviewed
CVE-2020-6648 was published May 24, 2022
The implementation of Brave Desktop's privacy-preserving analytics system (P3A) between 1.1 and 1... Moderate Unreviewed
CVE-2020-8276 was published May 24, 2022
An issue was discovered in Aviatrix Controller before R5.3.1151. Encrypted key values are stored... High Unreviewed
CVE-2020-26551 was published May 24, 2022
Unprotected Storage of Credentials vulnerability in BASETech GE-131 BT-1837836 firmware 20180921... Moderate Unreviewed
CVE-2020-27557 was published May 24, 2022
An issue was discovered in the view_statistics (aka View frontend statistics) extension before 2... Moderate Unreviewed
CVE-2020-28917 was published May 24, 2022
Ceph-ansible 4.0.34.1 creates /etc/ceph/iscsi-gateway.conf with insecure default permissions,... Moderate Unreviewed
CVE-2020-25677 was published May 24, 2022
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 and 6.0.0.0 through 6.0.3.1... Moderate Unreviewed
CVE-2019-4738 was published May 24, 2022
An issue was discovered in URVE Build 24.03.2020. The password of an integration user account ... High Unreviewed
CVE-2020-29550 was published May 24, 2022
Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an... High Unreviewed
CVE-2020-29583 was published May 24, 2022
IBM Security Secret Server 10.6 stores potentially sensitive information in config files that... Moderate Unreviewed
CVE-2020-4843 was published May 24, 2022
NCH Express Accounts 8.24 and earlier allows local users to discover the cleartext password by... Moderate Unreviewed
CVE-2020-13473 was published May 24, 2022
A vulnerability has been reported to affect QNAP NAS. If exploited, this vulnerability allows an... High Unreviewed
CVE-2018-19941 was published May 24, 2022
GigaVUE-OS (GVOS) 5.4 - 5.9 stores a Redis database password in plaintext. Moderate Unreviewed
CVE-2020-23249 was published May 24, 2022
Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.0.4.0.5.012 contains a plain-text... Moderate Unreviewed
CVE-2020-29489 was published May 24, 2022
Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage... Moderate Unreviewed
CVE-2020-29500 was published May 24, 2022
Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage... Moderate Unreviewed
CVE-2020-29501 was published May 24, 2022
Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage... Moderate Unreviewed
CVE-2020-29502 was published May 24, 2022
A flaw was found in ceph in versions prior to 16.y.z where ceph stores mgr module passwords in... Moderate Unreviewed
CVE-2020-25678 was published May 24, 2022
An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55.... High Unreviewed
CVE-2020-24577 was published May 24, 2022
In Marvell QConvergeConsole GUI <= 5.5.0.74, credentials are stored in cleartext in tomcat-users... High Unreviewed
CVE-2020-5805 was published May 24, 2022
IBM Spectrum Protect Plus 10.1.0 through 10.1.6 may include sensitive information in its URLs... High Unreviewed
CVE-2020-5018 was published May 24, 2022
IBM Security Guardium Data Encryption (GDE) 3.0.0.2 stores sensitive information in URL... Moderate Unreviewed
CVE-2019-4687 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database