Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,086
Maven
5,000+
npm
3,747
NuGet
674
pip
3,436
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

351 advisories

Loading
IBM Security Identity Manager Adapters 6.0 and 7.0 stores user credentials in plain in clear text... High Unreviewed
CVE-2017-1362 was published May 13, 2022
IBM WebSphere MQ 9.0.1 and 9.0.2 Java/JMS application can incorrectly transmit user credentials... High Unreviewed
CVE-2017-1337 was published May 13, 2022
IBM Spectrum Protect 7.1 and 8.1 (formerly Tivoli Storage Manager) disclosed unencrypted login... High Unreviewed
CVE-2017-1378 was published May 13, 2022
The workstation logging function in Philips IntelliSpace Cardiovascular (ISCV) 2.3.0 and earlier... High Unreviewed
CVE-2017-14111 was published May 13, 2022
The D-Link NPAPI extension, as used in conjunction with D-Link DIR-850L REV. B (with firmware... High Unreviewed
CVE-2017-14418 was published May 13, 2022
The Kickbase GmbH "Kickbase Bundesliga Manager" app before 2.2.1 -- aka kickbase-bundesliga... High Unreviewed
CVE-2017-14711 was published May 13, 2022
Password are stored in plaintext in nvram in the HTTPd server in all current versions (<= 3.0.0.4... High Unreviewed
CVE-2017-15656 was published May 13, 2022
Sera 1.2 stores the user's login password in plain text in their home directory. This makes... High Unreviewed
CVE-2017-15918 was published May 13, 2022
IBM Cognos Business Intelligence 10.2, 10.2.1, 10.2.1.1, and 10.2.2, under specialized... High Unreviewed
CVE-2017-1764 was published May 13, 2022
Homeputer CL Studio fur HomeMatic 4.0 Rel 160808 and earlier uses cleartext to exchange the... High Unreviewed
CVE-2017-17691 was published May 13, 2022
IBM Cognos Analytics 11.0 could store cached credentials locally that could be obtained by a... High Unreviewed
CVE-2017-1779 was published May 13, 2022
Insufficient protection of password storage in system firmware for Intel NUC7i3BNK, NUC7i3BNH,... High Unreviewed
CVE-2017-5700 was published May 13, 2022
An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is affected by plaintext password... High Unreviewed
CVE-2017-6528 was published May 13, 2022
Wireless IP Camera (P2P) WIFICAM devices have an "Apple Production IOS Push Services" private RSA... High Unreviewed
CVE-2017-8222 was published May 13, 2022
kedpm 0.5 and 1.0 creates a history file in ~/.kedpm/history that is written in cleartext. All of... High Unreviewed
CVE-2017-8296 was published May 13, 2022
Windows 10 version 1607 and Windows Server 2016 allow an elevation of privilege vulnerability due... High Unreviewed
CVE-2018-0828 was published May 13, 2022
Insufficiently Protected Credentials in Jenkins AWS CodeBuild Plugin High
CVE-2018-1000404 was published for com.amazonaws:aws-codebuild (Maven) May 13, 2022
Jenkins AWS CodePipeline Plugin has Insufficiently Protected Credentials High
CVE-2018-1000401 was published for com.amazonaws:aws-codepipeline (Maven) May 13, 2022
AWS CodeDeploy Plugin stored AWS Secret Key in plain text High
CVE-2018-1000403 was published for com.amazonaws:codedeploy (Maven) May 13, 2022
westonsteimel
Jenkins Configuration as Code Plugin has Insufficiently Protected Credentials High
CVE-2018-1000610 was published for io.jenkins:configuration-as-code (Maven) May 13, 2022
The Ericsson-LG iPECS NMS A.1Ac web application discloses sensitive information such as the NMS... High Unreviewed
CVE-2018-10286 was published May 13, 2022
PrinterOn Enterprise 4.1.3 stores the Active Directory bind credentials using base64 encoding,... High Unreviewed
CVE-2018-10327 was published May 13, 2022
An authentication weakness vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow... High Unreviewed
CVE-2018-10355 was published May 13, 2022
Synametrics SynaMan 4.0 build 1488 uses cleartext password storage for SMTP credentials. High Unreviewed
CVE-2018-10814 was published May 13, 2022
Plaintext Storage of Passwords in the administrative console in Dialogic PowerMedia XMS before 3... High Unreviewed
CVE-2018-11634 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database