GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
292 advisories
Filter by severity
The iOS mobile application BlueCats Reveal before 5.14 stores the username and password in the...
High
Unreviewed
CVE-2019-5627
was published
May 24, 2022
During HE deployment via cockpit-ovirt, cockpit-ovirt generates an ansible variable file `/var...
High
Unreviewed
CVE-2019-10139
was published
May 24, 2022
An elevation of privilege vulnerability exists when the Windows Kernel improperly handles key...
High
Unreviewed
CVE-2019-0881
was published
May 24, 2022
A vulnerability has been identified in LOGO!8 BM (All versions). Unencrypted storage of passwords...
High
Unreviewed
CVE-2019-10921
was published
May 24, 2022
Mobotix Control Center (MxCC) through 2.5.4.5 has Insufficiently Protected Credentials, Storing...
High
Unreviewed
CVE-2022-30018
was published
May 20, 2022
Tridium Niagara AX Framework does not properly store credential data, which allows context...
High
Unreviewed
CVE-2012-4028
was published
May 17, 2022
Konica Minolta bizhub MFP devices before 2022-04-14 use cleartext password storage for the /var...
High
Unreviewed
CVE-2022-29588
was published
May 17, 2022
In Schneider Electric Pelco Sarix Professional 1st generation cameras with firmware versions...
High
Unreviewed
CVE-2018-7782
was published
May 13, 2022
An issue was discovered in D-Link mydlink+ 3.8.5 build 259 for DCS-933L 1.05.04 and DCS-934L 1.05...
High
Unreviewed
CVE-2018-7698
was published
May 13, 2022
Easy Hosting Control Panel (EHCP) v0.37.12.b allows attackers to obtain sensitive information by...
High
Unreviewed
CVE-2018-6618
was published
May 13, 2022
An issue was discovered on D-Link DIR-601 B1 2.02NA devices. Being on the same local network as,...
High
Unreviewed
CVE-2018-5708
was published
May 13, 2022
The F5 BIG-IP Controller for Kubernetes 1.0.0-1.5.0 (k8s-bigip-crtl) passes BIG-IP username and...
High
Unreviewed
CVE-2018-5543
was published
May 13, 2022
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11...
High
Unreviewed
CVE-2018-4190
was published
May 13, 2022
An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue...
High
Unreviewed
CVE-2018-4170
was published
May 13, 2022
ChipsBank UMPTool saves the password to the NAND with a simple substitution cipher, which allows...
High
Unreviewed
CVE-2018-19795
was published
May 13, 2022
Squash TM through 1.18.0 presents the cleartext passwords of external services in the...
High
Unreviewed
CVE-2018-16987
was published
May 13, 2022
IBM Security Guardium Big Data Intelligence (SonarG) 3.1 stores user credentials in plain in...
High
Unreviewed
CVE-2018-1377
was published
May 13, 2022
Storing password in recoverable format in safensec.com (SysWatch service) in SAFE'N'SEC...
High
Unreviewed
CVE-2018-13014
was published
May 13, 2022
Previous releases of the Puppet device_manager module creates configuration files containing...
High
Unreviewed
CVE-2018-11748
was published
May 13, 2022
Plaintext Storage of Passwords in the administrative console in Dialogic PowerMedia XMS before 3...
High
Unreviewed
CVE-2018-11634
was published
May 13, 2022
Plaintext Storage of Passwords within Cookies in /var/www/xms/application/controllers/verifyLogin...
High
Unreviewed
CVE-2018-11639
was published
May 13, 2022
Synametrics SynaMan 4.0 build 1488 uses cleartext password storage for SMTP credentials.
High
Unreviewed
CVE-2018-10814
was published
May 13, 2022
An authentication weakness vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow...
High
Unreviewed
CVE-2018-10355
was published
May 13, 2022
PrinterOn Enterprise 4.1.3 stores the Active Directory bind credentials using base64 encoding,...
High
Unreviewed
CVE-2018-10327
was published
May 13, 2022
The Ericsson-LG iPECS NMS A.1Ac web application discloses sensitive information such as the NMS...
High
Unreviewed
CVE-2018-10286
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API