GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
261 advisories
Filter by severity
An issue was discovered in Solar-Log 500 before 2.8.2 Build 52 23.04.2013. In /export.html, email...
Moderate
Unreviewed
CVE-2021-34544
was published
Dec 8, 2021
SAP Business One - version 10.0, allows an admin user to view DB password in plain text over the...
Moderate
Unreviewed
CVE-2021-42066
was published
Dec 15, 2021
A cleartext storage of sensitive information vulnerability in the Zyxel NBG6604 firmware could...
Moderate
Unreviewed
CVE-2021-35035
was published
Dec 30, 2021
Netgear RAX43 version 1.0.3.96 stores sensitive information in plaintext. All usernames and...
Moderate
Unreviewed
CVE-2021-20171
was published
Dec 31, 2021
Trendnet AC2600 TEW-827DRU version 2.08B01 stores credentials in plaintext. Usernames and...
Moderate
Unreviewed
CVE-2021-20162
was published
Dec 31, 2021
A vulnerability in the information storage architecture of several Cisco IP Phone models could...
Moderate
Unreviewed
CVE-2022-20660
was published
Jan 15, 2022
When the Windows Tentacle docker image starts up it logs all the commands that it runs along with...
Moderate
Unreviewed
CVE-2021-31821
was published
Jan 20, 2022
Plaintext Storage of a Password vulnerability in Mitsubishi Electric MC Works64 versions 4.04E ...
Moderate
Unreviewed
CVE-2022-23129
was published
Jan 22, 2022
NVIDIA License System contains a vulnerability in the installation scripts for the DLS virtual...
Moderate
Unreviewed
CVE-2022-21818
was published
Feb 16, 2022
Due to usernames/passwords being stored in plaintext in Random Access Memory (RAM), a local,...
Moderate
Unreviewed
CVE-2020-14480
was published
Feb 25, 2022
A command injection vulnerability in the web interface of the Zyxel NWA-1100-NH firmware could...
Moderate
Unreviewed
CVE-2021-35036
was published
Mar 2, 2022
Dell EMC Enterprise Storage Analytics for vRealize Operations, versions 4.0.1 to 6.2.1, contain a...
Moderate
Unreviewed
CVE-2021-43590
was published
Mar 5, 2022
Veritas System Recovery (VSR) 18 and 21 stores a network destination password in the Windows...
Moderate
Unreviewed
CVE-2022-26778
was published
Mar 11, 2022
SnapCenter versions prior to 4.5 are susceptible to a vulnerability which could allow a local...
Moderate
Unreviewed
CVE-2022-23234
was published
Mar 17, 2022
3CX System through 2022-03-17 stores cleartext passwords in a database.
Moderate
Unreviewed
CVE-2021-45491
was published
Mar 29, 2022
Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric MELSEC iQ-F...
Moderate
Unreviewed
CVE-2022-25160
was published
Apr 3, 2022
AVEVA System Platform 2020 stores sensitive information in cleartext, which may allow access to...
Moderate
Unreviewed
CVE-2022-0835
was published
Apr 12, 2022
IBM Security Guardium 10.5 stores user credentials in plain clear text which can be read by a...
Moderate
Unreviewed
CVE-2021-39078
was published
Apr 20, 2022
qtnx 0.9 stores non-custom SSH keys in a world-readable configuration file. If a user has a world...
Moderate
Unreviewed
CVE-2011-2916
was published
Apr 22, 2022
The web-based Management Console in Blue Coat Security Gateway OS 3.0 through 3.1.3.13 and 3.2.1,...
Moderate
Unreviewed
CVE-2004-2397
was published
Apr 29, 2022
The default "basic" security setting' in config.php for TWIG webmail 2.7.4 and earlier stores...
Moderate
Unreviewed
CVE-2001-1537
was published
Apr 30, 2022
Autogalaxy stores usernames and passwords in cleartext in cookies, which makes it easier for...
Moderate
Unreviewed
CVE-2001-1536
was published
Apr 30, 2022
phpRank 1.8 stores the administrative password in plaintext on the server and in the "ap" cookie,...
Moderate
Unreviewed
CVE-2002-1800
was published
Apr 30, 2022
IMail stores usernames and passwords in cleartext in a cookie, which allows remote attackers to...
Moderate
Unreviewed
CVE-2005-2160
was published
May 1, 2022
GE Fanuc Proficy Real-Time Information Portal 2.6 and earlier uses HTTP Basic Authentication,...
Moderate
Unreviewed
CVE-2008-0174
was published
May 1, 2022
ProTip!
Advisories are also available from the
GraphQL API