GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,233
Erlang
31
GitHub Actions
20
Go
1,992
Maven
5,000+
npm
3,709
NuGet
661
pip
3,346
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
300 advisories
Filter by severity
NVIDIA BMC stores user passwords in an obfuscated form in a database accessible by the host. This...
Moderate
Unreviewed
CVE-2022-42284
was published
Jan 13, 2023
SnapCenter versions prior to 4.5 are susceptible to a vulnerability which could allow a local...
Moderate
Unreviewed
CVE-2022-23234
was published
Mar 17, 2022
3CX System through 2022-03-17 stores cleartext passwords in a database.
Moderate
Unreviewed
CVE-2021-45491
was published
Mar 29, 2022
Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric MELSEC iQ-F...
Moderate
Unreviewed
CVE-2022-25160
was published
Apr 3, 2022
AVEVA System Platform 2020 stores sensitive information in cleartext, which may allow access to...
Moderate
Unreviewed
CVE-2022-0835
was published
Apr 12, 2022
IBM Security Guardium 10.5 stores user credentials in plain clear text which can be read by a...
Moderate
Unreviewed
CVE-2021-39078
was published
Apr 20, 2022
IBM Security Verify Information Queue 1.0.6 and 1.0.7 sends user credentials in plain clear text...
Moderate
Unreviewed
CVE-2021-20410
was published
May 24, 2022
A cleartext storage of sensitive information vulnerability in FortiOS command line interface in...
Moderate
Unreviewed
CVE-2020-6648
was published
May 24, 2022
Cleartext Storage in a File or on Disk in TimelyBills <= 1.7.0 for iOS and versions <= 1.21.115...
Moderate
Unreviewed
CVE-2021-26833
was published
May 24, 2022
nsufficiently Protected Credentials in ActiveMQ Artemis
Moderate
CVE-2020-10727
was published
for
org.apache.activemq:artemis-commons
(Maven)
May 24, 2022
E-Series SANtricity OS Controller Software versions 11.40 through 11.70.2 store the LDAP BIND...
Moderate
Unreviewed
CVE-2022-23236
was published
Jun 3, 2022
Shopware contains sensitive data in backend customer module
Moderate
CVE-2022-36101
was published
for
shopware/shopware
(Composer)
Sep 16, 2022
A vulnerability has been identified in SIMATIC CP 1543-1 (incl. SIPLUS variants) (All versions <...
Moderate
Unreviewed
CVE-2021-33716
was published
May 24, 2022
During installation or upgrade to Software House C•CURE 9000 v2.70 and American Dynamics victor...
Moderate
Unreviewed
CVE-2020-9045
was published
May 24, 2022
** DISPUTED ** FileZilla v3.59.0 allows attackers to obtain cleartext passwords of connected SSH...
Moderate
Unreviewed
CVE-2022-29620
was published
Jun 8, 2022
IBM Robotic Process Automation 20.12 through 21.0.6 could allow an attacker with physical access...
Moderate
Unreviewed
CVE-2022-41740
was published
Jan 5, 2023
RICON Industrial Cellular Router S9922L 16.10.3(3794) is affected by cleartext storage of...
Moderate
Unreviewed
CVE-2021-36165
was published
May 24, 2022
A vulnerability was found in SICUNET Access Controller 0.32-05z. It has been declared as...
Moderate
Unreviewed
CVE-2017-20040
was published
Jun 12, 2022
IBM UrbanCode Deploy (UCD) 6.2.7.15, 7.0.5.10, 7.1.2.6, and 7.2.2.1 stores user credentials in...
Moderate
Unreviewed
CVE-2022-22366
was published
Jul 2, 2022
IBM UrbanCode Deploy (UCD) 6.2.7.15, 7.0.5.10, 7.1.2.6, and 7.2.2.1 could disclose sensitive...
Moderate
Unreviewed
CVE-2022-22367
was published
Jul 2, 2022
IBM Spectrum Protect Client 8.1.0.0 through 8.1.14.0 stores user credentials in plain clear text...
Moderate
Unreviewed
CVE-2022-22478
was published
Jul 1, 2022
MELAG FTP Server 2.2.0.4 stores unencrpyted passwords of FTP users in a local configuration file.
Moderate
Unreviewed
CVE-2021-41639
was published
Jun 25, 2022
Sensitive information was stored in plain text in a file that is accessible by a user with a...
Moderate
Unreviewed
CVE-2022-47512
was published
Dec 19, 2022
The affected device stores sensitive information in cleartext, which may allow an authenticated...
Moderate
Unreviewed
CVE-2022-2569
was published
Aug 25, 2022
Cleartext Storage of Sensitive Information in Memory vulnerability in Gallagher Command Centre...
Moderate
Unreviewed
CVE-2021-23211
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API