Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,293
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,744
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,067 advisories

Loading
In Ice Qube Thermal Management Center versions prior to version 4.13, passwords are stored in... Critical Unreviewed
CVE-2017-16714 was published May 13, 2022
An Unprotected Transport of Credentials issue was discovered in ABB Ellipse 8.3 through Ellipse 8... High Unreviewed
CVE-2017-16731 was published May 13, 2022
IBM BigFix Platform 9.5 - 9.5.9 stores user credentials in plain in clear text which can be read... High Unreviewed
CVE-2017-1231 was published May 13, 2022
IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 does not require that... High Unreviewed
CVE-2017-1411 was published May 13, 2022
The skyring-setup command creates random password for mongodb skyring database but it writes... High Unreviewed
CVE-2017-2665 was published May 13, 2022
D-Link DIR-130 firmware version 1.23 and DIR-330 firmware version 1.12 do not sufficiently... Critical Unreviewed
CVE-2017-3192 was published May 13, 2022
tpm2-tools versions before 1.1.1 are vulnerable to a password leak due to transmitting password... High Unreviewed
CVE-2017-7524 was published May 13, 2022
A Password in Configuration File issue was discovered in Dahua DH-IPC-HDBW23A0RN-ZS, DH-IPC... Critical Unreviewed
CVE-2017-7925 was published May 13, 2022
A Plaintext Storage of a Password issue was discovered in Moxa OnCell G3110-HSPA Version 1.3... Critical Unreviewed
CVE-2017-7913 was published May 13, 2022
Schneider Electric Ampla MES 6.4 provides capability to interact with data from third party... Moderate Unreviewed
CVE-2017-9637 was published May 13, 2022
The Philips DoseWise Portal web-based application versions 1.1.7.333 and 2.1.1.3069 stores login... High Unreviewed
CVE-2017-9654 was published May 13, 2022
A vulnerability was discovered in all versions of Medtronic MyCareLink 24950 and 24952 Patient... High Unreviewed
CVE-2018-10622 was published May 13, 2022
Dell EMC Secure Remote Services, versions prior to 3.32.00.08, contains a Plaintext Password... High Unreviewed
CVE-2018-11079 was published May 13, 2022
A vulnerability in the Admin Portal of Cisco Identity Services Engine (ISE) could allow an... Moderate Unreviewed
CVE-2018-15456 was published May 13, 2022
Open Dental before version 18.4 stores user passwords as base64 encoded MD5 hashes. Moderate Unreviewed
CVE-2018-15717 was published May 13, 2022
Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The... Critical Unreviewed
CVE-2018-17900 was published May 13, 2022
A flaw was found in the way samba before 4.7.9 and 4.8.4 allowed the use of weak NTLMv1... High Unreviewed
CVE-2018-1139 was published May 13, 2022
IBM Security Guardium EcoSystem 10.5 stores user credentials in plain in clear text which can be... High Unreviewed
CVE-2018-1498 was published May 13, 2022
All versions of the Medtronic 2090 Carelink Programmer are affected by a per-product username and... Moderate Unreviewed
CVE-2018-5446 was published May 13, 2022
In TotalAlert Web Application in BeaconMedaes Scroll Medical Air Systems prior to v4107600010.23,... Critical Unreviewed
CVE-2018-7518 was published May 13, 2022
In the web application in BeaconMedaes TotalAlert Scroll Medical Air Systems running software... Critical Unreviewed
CVE-2018-7510 was published May 13, 2022
Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON... Critical Unreviewed
CVE-2018-8851 was published May 13, 2022
ovirt-engine API and administration web portal before versions 4.2.2.5, 4.1.11.2 is vulnerable to... High Unreviewed
CVE-2018-1074 was published May 13, 2022
In ovirt-engine 4.1, if a host was provisioned with cloud-init, the root password could be... High Unreviewed
CVE-2017-7510 was published May 13, 2022
The Olive Tree Ftp Server application 1.32 for Android has Insecure Data Storage because a... Critical Unreviewed
CVE-2018-11544 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database