Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

640 advisories

Loading
A unprotected storage of credentials in Fortinet FortiSIEM Windows Agent version 4.1.4 and below... Moderate Unreviewed
CVE-2021-41023 was published May 24, 2022
Delta Electronics DIALink versions 1.2.4.0 and prior stores sensitive information in cleartext,... High Unreviewed
CVE-2021-38422 was published May 24, 2022
metakv in Couchbase Server 7.0.0 uses Cleartext for Storage of Sensitive Information. Remote... High Unreviewed
CVE-2021-37842 was published May 24, 2022
IBM MQ 7.5, 8.0, 9.0 LTS, 9.1 CD, and 9.1 LTS stores user credentials in plain clear text which... Moderate Unreviewed
CVE-2021-38949 was published May 24, 2022
A vulnerability of storing sensitive information insecurely in Property Settings prior to SMR Nov... Moderate Unreviewed
CVE-2021-25502 was published May 24, 2022
A password mismanagement situation exists in XoruX LPAR2RRD and STOR2RRD before 7.30 because... High Unreviewed
CVE-2021-42370 was published May 24, 2022
A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.12). The... Moderate Unreviewed
CVE-2020-10053 was published May 24, 2022
An issue was discovered in OpenGamePanel OGP-Agent-Linux through 2021-08-14. $HOME/OGP/Cfg/Config... High Unreviewed
CVE-2021-37157 was published May 24, 2022
Secom Co. Dr.ID, a Door Access Control and Personnel Attendance Management system, stores users’... Moderate Unreviewed
CVE-2020-3935 was published May 24, 2022
Proxy functionality built into Hubs Cloud’s Reticulum software allowed access to internal URLs,... Critical Unreviewed
CVE-2021-29954 was published May 24, 2022
"IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, 19.0.0.3, 20... Moderate Unreviewed
CVE-2022-35279 was published Nov 4, 2022
A vulnerability has been identified in QMS Automotive (All versions). User credentials are stored... Critical Unreviewed
CVE-2022-43958 was published Nov 8, 2022
An issue was discovered in URVE Build 24.03.2020. The password of an integration user account ... High Unreviewed
CVE-2020-29550 was published May 24, 2022
Jenkins Delphix Plugin vulnerable to Cleartext credential storage High
CVE-2019-10453 was published for org.jenkins-ci.plugins:delphix (Maven) May 24, 2022
IXPdata EasyInstall 6.6.14725 contains an access control issue. High Unreviewed
CVE-2022-35120 was published Dec 2, 2022
Rancher API and cluster.management.cattle.io object vulnerable to plaintext storage and exposure of credentials Critical
CVE-2021-36782 was published for github.com/rancher/rancher (Go) Sep 23, 2022
The vCenter Server contains an information disclosure vulnerability due to the logging of... Moderate Unreviewed
CVE-2022-31697 was published Dec 13, 2022
1Password for Mac 7.2.4 through 7.9.x before 7.9.3 is vulnerable to a process validation bypass.... Moderate Unreviewed
CVE-2022-29868 was published May 10, 2022
Brocade SANnav before version SANnav 2.2.0 logs the REST API Authentication token in plain text. Low Unreviewed
CVE-2022-28162 was published May 10, 2022
During an update of SAP BusinessObjects Enterprise, Central Management Server (CMS) - versions... High Unreviewed
CVE-2022-28214 was published May 12, 2022
ECOA BAS controller stores sensitive data (backup exports) in clear-text, thus the... High Unreviewed
CVE-2021-41302 was published May 24, 2022
Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to discover cleartext... High Unreviewed
CVE-2016-0876 was published May 13, 2022
In a certain atypical IBM Spectrum Protect 7.1 and 8.1 configurations, the node password could be... Moderate Unreviewed
CVE-2018-1882 was published May 13, 2022
Dell Wyse Management Suite 3.6.1 and below contains a Sensitive Data Exposure vulnerability. A... Moderate Unreviewed
CVE-2022-29090 was published Aug 11, 2022
The SSL layer of the HTTPS service in Siemens RuggedCom ROS before 4.2.0 and ROX II does not... Moderate Unreviewed
CVE-2015-5537 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database