GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,704
Composer 4,237
Erlang 31
GitHub Actions 20
Go 2,000
Maven 5,183
npm 3,711
NuGet 661
pip 3,383
Pub 11
RubyGems 885
Rust 849
Swift 36

Unreviewed advisories

All unreviewed 235,356

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

823 advisories

Filter by severity

Sort by

Least recently updated

IBM DataStage on Cloud Pak for Data 4.0.6 to 4.5.2 stores sensitive credential information that... Moderate Unreviewed

CVE-2022-38714 was published Feb 12, 2024

IBM Storage Defender - Resiliency Service 2.0 stores user credentials in plain clear text which... Moderate Unreviewed

CVE-2024-22312 was published Feb 10, 2024

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product stores... Moderate Unreviewed

CVE-2024-21869 was published Feb 2, 2024

Networker 19.9 and all prior versions contains a Plain-text Password stored in temporary config... High Unreviewed

CVE-2024-22432 was published Jan 25, 2024

HPE OneView may have a missing passphrase during restore. Moderate Unreviewed

CVE-2023-6573 was published Jan 23, 2024

Missing Password Field Masking vulnerability in Hitachi Device Manager on Windows, Linux (Device... Moderate Unreviewed

CVE-2023-49106 was published Jan 16, 2024

A default engineer password set on the Hozard alarm system (Alarmsysteem) v1.0 allows an attacker... Moderate Unreviewed

CVE-2023-50125 was published Jan 11, 2024

An insufficiently protected credentials vulnerability in KEPServerEX could allow an adversary to... Moderate Unreviewed

CVE-2023-29447 was published Jan 10, 2024

The Download Manager WordPress plugin before 3.2.83 does not protect file download's passwords,... High Unreviewed

CVE-2023-6421 was published Jan 1, 2024

In Network Element Manager in NOKIA NFM-T R19.9, an Unprotected Storage of Credentials... Moderate Unreviewed

CVE-2022-39820 was published Dec 25, 2023

IBM i 7.3, 7.4, 7.5, IBM i Db2 Mirror for i 7.4 and 7.5 web browser clients may leave clear-text... Moderate Unreviewed

CVE-2023-47741 was published Dec 18, 2023

A credential disclosure vulnerability in Palo Alto Networks PAN-OS software enables an... Moderate Unreviewed

CVE-2023-6791 was published Dec 13, 2023

IBM API Connect V10.0.5.3 and V10.0.6.0 stores user credentials in browser cache which can be... Moderate Unreviewed

CVE-2023-47722 was published Dec 9, 2023

Exposure of Proxy Administrator Credentials An authenticated administrator equivalent Filr user... High Unreviewed

CVE-2023-32268 was published Dec 6, 2023

An Insecure Credential Management issue discovered in Connectize AC21000 G6 641.139.1.1256 allows... Moderate Unreviewed

CVE-2023-24047 was published Dec 5, 2023

Dell DM5500 5.14.0.0, contain a Plain-text Password Storage Vulnerability in PPOE. A local... Moderate Unreviewed

CVE-2023-44300 was published Dec 4, 2023

A Vulnerability in OTRS AgentInterface and ExternalInterface allows the reading of plain text... High Unreviewed

CVE-2023-6254 was published Nov 27, 2023

RVTools, Version 3.9.2 and above, contain a sensitive data exposure vulnerability in the... High Unreviewed

CVE-2023-44303 was published Nov 24, 2023

An exposure of sensitive information to an unauthorized actor [CWE-200] in FortiSIEM version 7.0... Moderate Unreviewed

CVE-2023-41676 was published Nov 14, 2023

The Spotfire Connectors component of TIBCO Software Inc.'s Spotfire Analyst, Spotfire Server, and... Moderate Unreviewed

CVE-2023-26221 was published Nov 8, 2023

An issue was discovered in eGroupWare 17.1.20190111. An Improper Password Storage vulnerability... Moderate Unreviewed

CVE-2023-38328 was published Oct 27, 2023

Incorrect LDAP ACLs in ucs-school-ldap-acls-master in UCS@school before 4.4v5-errata allow remote... Moderate Unreviewed

CVE-2020-17477 was published Oct 26, 2023

Incorrect access control in writercms v1.1.0 allows attackers to directly obtain backend account... High Unreviewed

CVE-2023-43905 was published Oct 26, 2023

A password disclosure vulnerability in the Secure PDF eXchange (SPX) feature allows attackers... High Unreviewed

CVE-2023-5552 was published Oct 18, 2023

TSplus Remote Work 16.0.0.0 places a cleartext password on the "var pass" line of the HTML source... Critical Unreviewed

CVE-2023-27132 was published Oct 17, 2023

Previous 1 2 3 4 5 6 … 32 33 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

823 advisories