GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,003
Composer 4,299
Erlang 31
GitHub Actions 21
Go 2,064
Maven 5,240
npm 3,744
NuGet 668
pip 3,424
Pub 12
RubyGems 892
Rust 877
Swift 36

Unreviewed advisories

All unreviewed 239,836

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,067 advisories

Filter by severity

Sort by

Least recently updated

An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is affected by plaintext password... High Unreviewed

CVE-2017-6528 was published May 13, 2022

Platform sample code firmware included with 4th Gen Intel Core Processor, 5th Gen Intel Core... Moderate Unreviewed

CVE-2017-5704 was published May 13, 2022

Insufficient protection of password storage in system firmware for Intel NUC7i3BNK, NUC7i3BNH,... High Unreviewed

CVE-2017-5700 was published May 13, 2022

An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior,... Critical Unreviewed

CVE-2017-5140 was published May 13, 2022

An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior,... Critical Unreviewed

CVE-2017-5139 was published May 13, 2022

A BIOS password extraction vulnerability has been reported on certain consumer notebooks with... Moderate Unreviewed

CVE-2017-2751 was published May 13, 2022

IBM Cognos Analytics 11.0 could store cached credentials locally that could be obtained by a... High Unreviewed

CVE-2017-1779 was published May 13, 2022

Homeputer CL Studio fur HomeMatic 4.0 Rel 160808 and earlier uses cleartext to exchange the... High Unreviewed

CVE-2017-17691 was published May 13, 2022

IBM Cognos Business Intelligence 10.2, 10.2.1, 10.2.1.1, and 10.2.2, under specialized... High Unreviewed

CVE-2017-1764 was published May 13, 2022

Credentials for Zivif PR115-204-P-RS V2.3.4.2103 Webcams can be obtained by an unauthenticated... Critical Unreviewed

CVE-2017-17106 was published May 13, 2022

Sera 1.2 stores the user's login password in plain text in their home directory. This makes... High Unreviewed

CVE-2017-15918 was published May 13, 2022

Password are stored in plaintext in nvram in the HTTPd server in all current versions (<= 3.0.0.4... High Unreviewed

CVE-2017-15656 was published May 13, 2022

The Kickbase GmbH "Kickbase Bundesliga Manager" app before 2.2.1 -- aka kickbase-bundesliga... High Unreviewed

CVE-2017-14711 was published May 13, 2022

The D-Link NPAPI extension, as used in conjunction with D-Link DIR-850L REV. B (with firmware... High Unreviewed

CVE-2017-14418 was published May 13, 2022

The workstation logging function in Philips IntelliSpace Cardiovascular (ISCV) 2.3.0 and earlier... High Unreviewed

CVE-2017-14111 was published May 13, 2022

IBM Spectrum Protect 7.1 and 8.1 (formerly Tivoli Storage Manager) disclosed unencrypted login... High Unreviewed

CVE-2017-1378 was published May 13, 2022

IBM WebSphere MQ 9.0.1 and 9.0.2 Java/JMS application can incorrectly transmit user credentials... High Unreviewed

CVE-2017-1337 was published May 13, 2022

IBM Security Identity Manager Adapters 6.0 and 7.0 stores user credentials in plain in clear text... High Unreviewed

CVE-2017-1362 was published May 13, 2022

IBM BigFix Compliance Analytics 1.9.79 (TEMA SUAv1 SCA SCM) stores user credentials in clear text... High Unreviewed

CVE-2017-1201 was published May 13, 2022

IBM WebSphere Message Broker stores user credentials in plain in clear text which can be read by... Moderate Unreviewed

CVE-2017-1207 was published May 13, 2022

dataTaker DT8x dEX 1.72.007 allows remote attackers to compose programs or schedules, for... Critical Unreviewed

CVE-2017-11349 was published May 13, 2022

Jenkins Build-Publisher plugin has Insufficiently Protected Credentials High

CVE-2017-1000387 was published for org.jenkins-ci.plugins:build-publisher (Maven) May 13, 2022

Jenkins SSH Plugin user passwords for encrypted SSH keys stored in plaintext Critical

CVE-2017-1000245 was published for org.jenkins-ci.plugins:ssh (Maven) May 13, 2022

An information leak exists in Wanscam's HW0021 network camera that allows an unauthenticated... Critical Unreviewed

CVE-2017-11510 was published May 13, 2022

An Insufficiently Protected Credentials issue was discovered in LOYTEC LVIS-3ME versions prior to... High Unreviewed

CVE-2017-13998 was published May 13, 2022

Previous 1 2 … 33 34 35 36 37 … 42 43 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,067 advisories