Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,086
Maven
5,000+
npm
3,749
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

298 advisories

Loading
Cloud Foundry BOSH 267.x versions prior to v267.14.0, and BOSH 270.x versions prior to v270.1.1,... High Unreviewed
CVE-2019-11271 was published May 24, 2022
IBM MQ Advanced Cloud Pak (IBM Cloud Private 1.0.0 through 3.0.1) stores user credentials in... High Unreviewed
CVE-2019-4239 was published May 24, 2022
Kyocera Command Center RX TASKalfa4501i and TASKalfa5052ci allows remote attackers to abuse the... High Unreviewed
CVE-2019-6452 was published May 24, 2022
An issue was discovered in Carel pCOWeb prior to B1.2.4. In /config/pw_changeusers.html the... High Unreviewed
CVE-2019-11369 was published May 24, 2022
In Vijeo Citect 7.30 and 7.40, and CitectSCADA 7.30 and 7.40, a vulnerability has been identified... High Unreviewed
CVE-2019-10981 was published May 24, 2022
The Android mobile application BlueCats Reveal before 3.0.19 stores the username and password in... High Unreviewed
CVE-2019-5626 was published May 24, 2022
The iOS mobile application BlueCats Reveal before 5.14 stores the username and password in the... High Unreviewed
CVE-2019-5627 was published May 24, 2022
During HE deployment via cockpit-ovirt, cockpit-ovirt generates an ansible variable file `/var... High Unreviewed
CVE-2019-10139 was published May 24, 2022
An elevation of privilege vulnerability exists when the Windows Kernel improperly handles key... High Unreviewed
CVE-2019-0881 was published May 24, 2022
A vulnerability has been identified in LOGO!8 BM (All versions). Unencrypted storage of passwords... High Unreviewed
CVE-2019-10921 was published May 24, 2022
Mobotix Control Center (MxCC) through 2.5.4.5 has Insufficiently Protected Credentials, Storing... High Unreviewed
CVE-2022-30018 was published May 20, 2022
Tridium Niagara AX Framework does not properly store credential data, which allows context... High Unreviewed
CVE-2012-4028 was published May 17, 2022
Konica Minolta bizhub MFP devices before 2022-04-14 use cleartext password storage for the /var... High Unreviewed
CVE-2022-29588 was published May 17, 2022
In Schneider Electric Pelco Sarix Professional 1st generation cameras with firmware versions... High Unreviewed
CVE-2018-7782 was published May 13, 2022
An issue was discovered in D-Link mydlink+ 3.8.5 build 259 for DCS-933L 1.05.04 and DCS-934L 1.05... High Unreviewed
CVE-2018-7698 was published May 13, 2022
Easy Hosting Control Panel (EHCP) v0.37.12.b allows attackers to obtain sensitive information by... High Unreviewed
CVE-2018-6618 was published May 13, 2022
An issue was discovered on D-Link DIR-601 B1 2.02NA devices. Being on the same local network as,... High Unreviewed
CVE-2018-5708 was published May 13, 2022
The F5 BIG-IP Controller for Kubernetes 1.0.0-1.5.0 (k8s-bigip-crtl) passes BIG-IP username and... High Unreviewed
CVE-2018-5543 was published May 13, 2022
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11... High Unreviewed
CVE-2018-4190 was published May 13, 2022
An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue... High Unreviewed
CVE-2018-4170 was published May 13, 2022
ChipsBank UMPTool saves the password to the NAND with a simple substitution cipher, which allows... High Unreviewed
CVE-2018-19795 was published May 13, 2022
Squash TM through 1.18.0 presents the cleartext passwords of external services in the... High Unreviewed
CVE-2018-16987 was published May 13, 2022
IBM Security Guardium Big Data Intelligence (SonarG) 3.1 stores user credentials in plain in... High Unreviewed
CVE-2018-1377 was published May 13, 2022
Storing password in recoverable format in safensec.com (SysWatch service) in SAFE'N'SEC... High Unreviewed
CVE-2018-13014 was published May 13, 2022
Previous releases of the Puppet device_manager module creates configuration files containing... High Unreviewed
CVE-2018-11748 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database