Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,096
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,653
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

250 advisories

Loading
IBM Spectrum Protect Client 8.1.0.0 through 8.1.14.0 stores user credentials in plain clear text... Moderate Unreviewed
CVE-2022-22478 was published Jul 1, 2022
MELAG FTP Server 2.2.0.4 stores unencrpyted passwords of FTP users in a local configuration file. Moderate Unreviewed
CVE-2021-41639 was published Jun 25, 2022
A vulnerability was found in SICUNET Access Controller 0.32-05z. It has been declared as... Moderate Unreviewed
CVE-2017-20040 was published Jun 12, 2022
** DISPUTED ** FileZilla v3.59.0 allows attackers to obtain cleartext passwords of connected SSH... Moderate Unreviewed
CVE-2022-29620 was published Jun 8, 2022
E-Series SANtricity OS Controller Software versions 11.40 through 11.70.2 store the LDAP BIND... Moderate Unreviewed
CVE-2022-23236 was published Jun 3, 2022
UltraLog Express device management software stores user’s information in cleartext. Any user can... Moderate Unreviewed
CVE-2020-3921 was published May 24, 2022
During installation or upgrade to Software House C•CURE 9000 v2.70 and American Dynamics victor... Moderate Unreviewed
CVE-2020-9045 was published May 24, 2022
Secom Co. Dr.ID, a Door Access Control and Personnel Attendance Management system, stores users’... Moderate Unreviewed
CVE-2020-3935 was published May 24, 2022
IBM Security Guardium Big Data Intelligence (SonarG) 4.0 stores sensitive information in... Moderate Unreviewed
CVE-2019-4314 was published May 24, 2022
IBM MQ 7.5, 8.0, 9.0 LTS, 9.1 CD, and 9.1 LTS stores user credentials in plain clear text which... Moderate Unreviewed
CVE-2021-38949 was published May 24, 2022
A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.12). The... Moderate Unreviewed
CVE-2020-10053 was published May 24, 2022
A vulnerability of storing sensitive information insecurely in Property Settings prior to SMR Nov... Moderate Unreviewed
CVE-2021-25502 was published May 24, 2022
A unprotected storage of credentials in Fortinet FortiSIEM Windows Agent version 4.1.4 and below... Moderate Unreviewed
CVE-2021-41023 was published May 24, 2022
A cleartext storage of sensitive information in GUI in FortiADC versions 5.4.3 and below, 6.0.0... Moderate Unreviewed
CVE-2020-15935 was published May 24, 2022
IBM Jazz Team Server products stores user credentials in clear text which can be read by an... Moderate Unreviewed
CVE-2021-29786 was published May 24, 2022
IBM Security Risk Manager on CP4S 1.7.0.0 stores user credentials in plain clear text which can... Moderate Unreviewed
CVE-2021-38911 was published May 24, 2022
Rich Text Edit Control Information Disclosure Vulnerability Moderate Unreviewed
CVE-2021-40454 was published May 24, 2022
IBM Data Risk Manager 2.0.6 stores user credentials in plain clear text which can be read by an... Moderate Unreviewed
CVE-2021-38915 was published May 24, 2022
RICON Industrial Cellular Router S9922L 16.10.3(3794) is affected by cleartext storage of... Moderate Unreviewed
CVE-2021-36165 was published May 24, 2022
IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI displays user... Moderate Unreviewed
CVE-2021-29904 was published May 24, 2022
A vulnerability has been identified in SIMATIC CP 1543-1 (incl. SIPLUS variants) (All versions <... Moderate Unreviewed
CVE-2021-33716 was published May 24, 2022
An issue obscuring passwords in screenshots was addressed with improved logic. This issue is... Moderate Unreviewed
CVE-2021-1865 was published May 24, 2022
Generated Support Bundles contains private S/MIME and PGP keys if containing folder is not hidden... Moderate Unreviewed
CVE-2021-36096 was published May 24, 2022
An issue was discovered in PrimeKey EJBCA before 7.6.0. When audit logging changes to the alias... Moderate Unreviewed
CVE-2021-40087 was published May 24, 2022
A user with permission to log on to the machine hosting the AXIS Device Manager client could... Moderate Unreviewed
CVE-2021-31989 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database