Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

387 advisories

Loading
An uspecified endpoint in the web server of the switch does not properly authenticate the user... High Unreviewed
CVE-2023-24498 was published Feb 15, 2023
Sunell DVR, latest version, Insufficiently Protected Credentials (CWE-522) may be exposed through... High Unreviewed
CVE-2023-23463 was published Feb 15, 2023
Media CP Media Control Panel latest version. Insufficiently protected credential change. High Unreviewed
CVE-2023-23466 was published Feb 15, 2023
An elevation of privilege vulnerability exists when the Windows Kernel improperly handles key... High Unreviewed
CVE-2019-0881 was published May 24, 2022
Tridium Niagara AX Framework does not properly store credential data, which allows context... High Unreviewed
CVE-2012-4028 was published May 17, 2022
In JetBrains IntelliJ IDEA before 2023.1 the NTLM hash could leak through an API method used in... High Unreviewed
CVE-2022-48433 was published Mar 29, 2023
Jenkins Zulip Plugin vulnerable to Insufficiently Protected Credentials High
CVE-2019-10476 was published for org.jenkins-ci.plugins:zulip (Maven) May 24, 2022
tdunlap607
Delta Electronics InfraSuite Device Master versions prior to 1.0.5 contain a vulnerability in... High Unreviewed
CVE-2023-1137 was published Mar 27, 2023
CP Plus KVMS Pro versions 2.01.0.T.190521 and prior are vulnerable to sensitive credentials being... High Unreviewed
CVE-2023-1518 was published Mar 28, 2023
An Unprotected Transport of Credentials issue was discovered in ABB Ellipse 8.3 through Ellipse 8... High Unreviewed
CVE-2017-16731 was published May 13, 2022
Password autocomplete vulnerability in the web application password field of Hitachi ABB Power... High Unreviewed
CVE-2021-35527 was published May 24, 2022
Insufficiently Protected Credentials vulnerability in client environment of Hitachi ABB Power... High Unreviewed
CVE-2021-35529 was published May 24, 2022
A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, local attacker... High Unreviewed
CVE-2020-3180 was published May 24, 2022
The CODESYS OPC DA Server prior V3.5.18.20 stores PLC passwords as plain text in its... High Unreviewed
CVE-2022-1794 was published Jul 12, 2022
Plaintext Storage of a Password vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F... High Unreviewed
CVE-2023-0457 was published Mar 3, 2023
In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line,... High Unreviewed
CVE-2021-28498 was published May 24, 2022
PowerStore contains Plain-Text Password Storage Vulnerability in PowerStore X & T environments... High Unreviewed
CVE-2022-22557 was published Jun 3, 2022
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS... High Unreviewed
CVE-2021-40360 was published Feb 10, 2022
An unauthorized user with network access and the decryption key could decrypt sensitive data,... High Unreviewed
CVE-2022-38469 was published Jan 18, 2023
Windows AppContainer Elevation Of Privilege Vulnerability High Unreviewed
CVE-2021-40476 was published May 24, 2022
Containous Traefik Exposes Password Hashes High
CVE-2019-12452 was published for github.com/traefik/traefik (Go) May 24, 2022
Sensitive data exposure in NATS High
CVE-2020-26149 was published for nats (npm) Oct 8, 2020
Password exposure in ShenYu High
CVE-2022-23223 was published for org.apache.shenyu:shenyu-common (Maven) Jan 28, 2022
tdunlap607
Cleartext Storage of Sensitive Information in Jenkins Extensive Testing Plugin High
CVE-2019-10448 was published for jenkins.xtc:extensivetesting (Maven) May 24, 2022
An insufficiently protected credentials issue was discovered in Intland codeBeamer ALM 10.x... High Unreviewed
CVE-2020-26515 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database