GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
466 advisories
IBM CICS TX Standard and Advanced 11.1 could allow a user with physical access to the web browser...
Moderate | Unreviewed | CVE-2022-34311 was published Feb 12, 2024
Allegro AI ClearML Stores Credentials in Plaintext in MongoDB Instance
Moderate | CVE-2024-24595 was published for clearml (pip) Feb 6, 2024
Incorrect access control in Zoho ManageEngine ADManager Plus Build 7180 allows unauthenticated...
Moderate | Unreviewed | CVE-2023-31492 was published Aug 18, 2023
A vulnerability exists in BIG-IP Next CNF and SPK systems that may allow access to undisclosed...
Moderate | Unreviewed | CVE-2024-23306 was published Feb 14, 2024
The database access credentials configured during installation are stored in a special table, and...
Moderate | Unreviewed | CVE-2023-4538 was published Feb 15, 2024
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product stores...
Moderate | Unreviewed | CVE-2024-21869 was published Feb 2, 2024
Emerson OpenBSI through 2022-04-29 mishandles credential storage. It is an engineering...
Moderate | Unreviewed | CVE-2022-29959 was published Aug 17, 2022
IBM Storage Defender - Resiliency Service 2.0 stores user credentials in plain clear text which...
Moderate | Unreviewed | CVE-2024-22312 was published Feb 10, 2024
IBM Host Access Transformation Services (HATS) 9.6 through 9.6.1.4 and 9.7 through 9.7.0.3 stores...
Moderate | Unreviewed | CVE-2021-38938 was published Mar 15, 2024
An issue was discovered in Keeper Password Manager for Desktop version 16.10.2, and the...
Moderate | Unreviewed | CVE-2023-36266 was published Jul 12, 2023
When curl is instructed to get content using the metalink feature, and a user name and password...
Moderate | Unreviewed | CVE-2021-22923 was published May 24, 2022
In IQrouter through 3.3.1, the Lua function diag_set_password in the web-panel allows remote...
Moderate | Unreviewed | CVE-2020-11964 was published May 24, 2022
** UNSUPPORTED WHEN ASSIGNED ** The web application stores credentials in clear text in the ...
Moderate | Unreviewed | CVE-2022-47561 was published Sep 20, 2023
IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 transmits or stores authentication...
Moderate | Unreviewed | CVE-2023-50311 was published Mar 31, 2024
Claws Mail vCalendar plugin: credentials exposed on interface
Moderate | Unreviewed | CVE-2012-5527 was published Apr 23, 2022
rubygem-hammer_cli_foreman: File /etc/hammer/cli.modules.d/foreman.yml world readable
Moderate | Unreviewed | CVE-2014-0241 was published May 17, 2022
eyeDisk implements the unlock feature by sending a cleartext password. The password can be...
Moderate | Unreviewed | CVE-2019-11885 was published May 24, 2022
Insufficient key protection vulnerability in silicon reference firmware for Intel(R) Pentium(R)...
Moderate | Unreviewed | CVE-2019-0120 was published May 24, 2022
IBM Tivoli Storage Productivity Center 5.2.13 through 5.3.0.1 could allow a remote attacker to...
Moderate | Unreviewed | CVE-2019-4138 was published May 24, 2022
The Logitech R500 presentation clicker allows attackers to determine the AES key, leading to...
Moderate | Unreviewed | CVE-2019-13054 was published May 24, 2022
Dell EMC PowerConnect 8024, 7000, M6348, M6220, M8024 and M8024-K running firmware versions prior...
Moderate | Unreviewed | CVE-2019-3753 was published May 24, 2022
Search Guard versions before 23.1 had an issue that an administrative user is able to retrieve...
Moderate | Unreviewed | CVE-2019-13421 was published May 24, 2022
An Unprotected Storage of Credentials vulnerability in the identity and access management...
Moderate | Unreviewed | CVE-2019-0072 was published May 24, 2022
Tracker PDF-XChange Editor before 8.0.330.0 has an NTLM SSO hash theft vulnerability using...
Moderate | Unreviewed | CVE-2019-17497 was published May 24, 2022
A RootCA vulnerability found in Trend Micro Password Manager for Windows and macOS exists where...
Moderate | Unreviewed | CVE-2019-19696 was published May 24, 2022