Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

532 advisories

Loading
SnapCenter versions prior to 4.5 are susceptible to a vulnerability which could allow a local... Moderate Unreviewed
CVE-2022-23234 was published Mar 17, 2022
Veritas System Recovery (VSR) 18 and 21 stores a network destination password in the Windows... Moderate Unreviewed
CVE-2022-26778 was published Mar 11, 2022
" Insecure password storage issue.The application stores sensitive information in cleartext... High Unreviewed
CVE-2021-27757 was published Mar 5, 2022
Dell EMC Enterprise Storage Analytics for vRealize Operations, versions 4.0.1 to 6.2.1, contain a... Moderate Unreviewed
CVE-2021-43590 was published Mar 5, 2022
A command injection vulnerability in the web interface of the Zyxel NWA-1100-NH firmware could... Moderate Unreviewed
CVE-2021-35036 was published Mar 2, 2022
Due to usernames/passwords being stored in plaintext in Random Access Memory (RAM), a local,... Moderate Unreviewed
CVE-2020-14480 was published Feb 25, 2022
A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores... High Unreviewed
CVE-2021-3551 was published Feb 17, 2022
NVIDIA License System contains a vulnerability in the installation scripts for the DLS virtual... Moderate Unreviewed
CVE-2022-21818 was published Feb 16, 2022
Jenkins Support Core Plugin stores sensitive data in plain text Moderate
CVE-2022-25187 was published for org.jenkins-ci.plugins:support-core (Maven) Feb 16, 2022
westonsteimel
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS... High Unreviewed
CVE-2021-40363 was published Feb 10, 2022
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct... High Unreviewed
CVE-2021-42642 was published Feb 9, 2022
Charactell - FormStorm Enterprise Account takeover – An attacker can modify (add, remove and... High Unreviewed
CVE-2022-22789 was published Jan 26, 2022
Plaintext Storage of a Password vulnerability in Mitsubishi Electric MC Works64 versions 4.04E ... Moderate Unreviewed
CVE-2022-23129 was published Jan 22, 2022
When the Windows Tentacle docker image starts up it logs all the commands that it runs along with... Moderate Unreviewed
CVE-2021-31821 was published Jan 20, 2022
A vulnerability in the information storage architecture of several Cisco IP Phone models could... Moderate Unreviewed
CVE-2022-20660 was published Jan 15, 2022
Trendnet AC2600 TEW-827DRU version 2.08B01 stores credentials in plaintext. Usernames and... Moderate Unreviewed
CVE-2021-20162 was published Dec 31, 2021
Netgear RAX43 version 1.0.3.96 stores sensitive information in plaintext. All usernames and... Moderate Unreviewed
CVE-2021-20171 was published Dec 31, 2021
A cleartext storage of sensitive information vulnerability in the Zyxel NBG6604 firmware could... Moderate Unreviewed
CVE-2021-35035 was published Dec 30, 2021
Plaintext storage of a password vulnerability in IDEC PLCs (FC6A Series MICROSmart All-in-One CPU... High Unreviewed
CVE-2021-20827 was published Dec 25, 2021
SAP Business One - version 10.0, allows an admin user to view DB password in plain text over the... Moderate Unreviewed
CVE-2021-42066 was published Dec 15, 2021
Unisys Cargo Mobile Application before 1.2.29 uses cleartext to store sensitive information,... High Unreviewed
CVE-2021-43388 was published Dec 15, 2021
Instance config inline secret exposure in Grafana Moderate
CVE-2021-41090 was published for github.com/grafana/agent (Go) Dec 8, 2021
An issue was discovered in Solar-Log 500 before 2.8.2 Build 52 23.04.2013. In /export.html, email... Moderate Unreviewed
CVE-2021-34544 was published Dec 8, 2021
Unencrypted storage of client side sessions Moderate
CVE-2021-29481 was published for io.ratpack:ratpack-session (Maven) Jul 1, 2021
JLLeitschuh
django-celery-results Stores Sensitive Information In Cleartext High
CVE-2020-17495 was published for django-celery-results (pip) Jun 4, 2021
G-Rath
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database