Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

640 advisories

Loading
IBM InfoSphere Master Data Management Server 11.0 - 11.6 stores user credentials in plain in... High Unreviewed
CVE-2017-1309 was published May 13, 2022
WordPress 4.8.2 stores cleartext wp_signups.activation_key values (but stores the analogous... Moderate Unreviewed
CVE-2017-14990 was published May 13, 2022
The "Photo,Video Locker-Calculator" application 12.0 for Android has android:allowBackup="true"... High Unreviewed
CVE-2017-16835 was published May 13, 2022
Information leak in autofill in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to... Moderate Unreviewed
CVE-2019-5810 was published May 24, 2022
The Files APP 7.1.1.308 and earlier versions in some Huawei mobile phones has a vulnerability of... Moderate Unreviewed
CVE-2017-2723 was published May 13, 2022
An issue was discovered in WeCube Platform 3.2.2. Cleartext passwords are displayed in the... High Unreviewed
CVE-2022-37785 was published Jan 1, 2023
The Bitpie application through 3.2.4 for Android and iOS uses cleartext storage for digital... Moderate Unreviewed
CVE-2018-10812 was published May 13, 2022
An issue was discovered in the MakeMyTrip application 7.2.4 for Android. The databases (locally... Moderate Unreviewed
CVE-2018-11242 was published May 13, 2022
PRIMX ZoneCentral before 6.1.2236 on Windows sometimes leaks the plaintext of NTFS files. On non... Moderate Unreviewed
CVE-2018-19279 was published May 13, 2022
Sensitive Information Stored in Clear Text in Moxa ThingsPro IIoT Gateway and Device Management... Critical Unreviewed
CVE-2018-18394 was published May 13, 2022
An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before... Critical Unreviewed
CVE-2018-18641 was published May 13, 2022
In Lenovo xClarity Administrator versions earlier than 2.1.0, an attacker that gains access to... High Unreviewed
CVE-2018-9065 was published May 13, 2022
Dell Wyse Management Suite 3.6.1 and below contains an Plain-text Password Storage Vulnerability... High Unreviewed
CVE-2022-33928 was published Aug 11, 2022
"IBM Cognos Analytics 11.2.1, 11.2.0, 11.1.7 stores user credentials in plain clear text which... Moderate Unreviewed
CVE-2022-34339 was published Nov 4, 2022
A flaw was found in ovirt-engine, which leads to the logging of plaintext passwords in the log... Moderate Unreviewed
CVE-2022-2805 was published Oct 19, 2022
Passwords stored in plain text by Jenkins view-cloner Plugin Moderate
CVE-2023-24450 was published for org.jenkins-ci.plugins:view-cloner (Maven) Jan 26, 2023
Plaintext storage of a password vulnerability in IDEC PLCs (FC6A Series MICROSmart All-in-One CPU... High Unreviewed
CVE-2021-20827 was published Dec 25, 2021
Trendnet AC2600 TEW-827DRU version 2.08B01 stores credentials in plaintext. Usernames and... Moderate Unreviewed
CVE-2021-20162 was published Dec 31, 2021
A cleartext storage of sensitive information vulnerability in the Zyxel NBG6604 firmware could... Moderate Unreviewed
CVE-2021-35035 was published Dec 30, 2021
Netgear RAX43 version 1.0.3.96 stores sensitive information in plaintext. All usernames and... Moderate Unreviewed
CVE-2021-20171 was published Dec 31, 2021
A vulnerability in the information storage architecture of several Cisco IP Phone models could... Moderate Unreviewed
CVE-2022-20660 was published Jan 15, 2022
Plaintext Storage of a Password vulnerability in Mitsubishi Electric MC Works64 versions 4.04E ... Moderate Unreviewed
CVE-2022-23129 was published Jan 22, 2022
When the Windows Tentacle docker image starts up it logs all the commands that it runs along with... Moderate Unreviewed
CVE-2021-31821 was published Jan 20, 2022
Charactell - FormStorm Enterprise Account takeover – An attacker can modify (add, remove and... High Unreviewed
CVE-2022-22789 was published Jan 26, 2022
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct... High Unreviewed
CVE-2021-42642 was published Feb 9, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database