Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,016
Maven
5,000+
npm
3,721
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+

137 advisories

Loading
Networker 19.9 and all prior versions contains a Plain-text Password stored in temporary config... High Unreviewed
CVE-2024-22432 was published Jan 25, 2024
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product stores... Moderate Unreviewed
CVE-2024-21869 was published Feb 2, 2024
IBM Storage Defender - Resiliency Service 2.0 stores user credentials in plain clear text which... Moderate Unreviewed
CVE-2024-22312 was published Feb 10, 2024
** UNSUPPPORTED WHEN ASSIGNED ** The web application that owns the device clearly... High Unreviewed
CVE-2023-39452 was published Sep 18, 2023
In AutomationDirect C-MORE EA9 HMI, credentials used by the platform are stored as plain text... Moderate Unreviewed
CVE-2024-25138 was published Mar 27, 2024
** UNSUPPPORTED WHEN ASSIGNED ** The web application stores credentials in clear text in the ... Moderate Unreviewed
CVE-2022-47561 was published Sep 20, 2023
IBM QRadar Suite Software 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0... Moderate Unreviewed
CVE-2024-28782 was published Apr 3, 2024
An Unprotected Storage of Credentials vulnerability in the identity and access management... Moderate Unreviewed
CVE-2019-0072 was published May 24, 2022
A vulnerability that stores IMSI values in an improper path prior to SMR APR-2021 Release 1... Low Unreviewed
CVE-2021-25358 was published May 24, 2022
Plaintext Storage of a Password vulnerability in Secomea GateManager (USB wizard) allows... High Unreviewed
CVE-2022-4308 was published Apr 19, 2023
The Dataprobe cloud usernames and passwords are stored in plain text in a specific file. Any user... Moderate Unreviewed
CVE-2022-4945 was published May 23, 2023
A plaintext storage of a password vulnerability [CWE-256] in FortiSIEM 6.7 all versions, 6.6 all... Critical Unreviewed
CVE-2023-26204 was published Jun 13, 2023
?All versions of the TWinSoft Configuration Tool store encrypted passwords as plaintext in... Moderate Unreviewed
CVE-2023-3395 was published Jul 3, 2023
Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior store passwords in a plaintext file... Moderate Unreviewed
CVE-2023-22389 was published Jul 6, 2023
PiiGAB M-Bus stores credentials in a plaintext file, which could allow a low-level user... Moderate Unreviewed
CVE-2023-35765 was published Jul 7, 2023
Plaintext Storage of a Password vulnerability in Infodrom Software E-Invoice Approval System... High Unreviewed
CVE-2023-35067 was published Jul 25, 2023
?Softneta MedDream PACS stores usernames and passwords in plaintext. The plaintext storage could... High Unreviewed
CVE-2023-39227 was published Sep 11, 2023
A password management vulnerability in Skyhigh Secure Web Gateway (SWG) in main releases 11.x... Moderate Unreviewed
CVE-2023-4400 was published Sep 13, 2023
A flaw was found in OpenStack. Multiple components show plain-text passwords in /var/log/messages... High Unreviewed
CVE-2022-3261 was published Sep 15, 2023
SnapGathers versions prior to 4.9 are susceptible to a vulnerability which could allow a local... Moderate Unreviewed
CVE-2023-27315 was published Oct 12, 2023
Eaton easySoft software is used to program easy controllers and displays for configuring,... Moderate Unreviewed
CVE-2023-43777 was published Oct 17, 2023
A flaw was found in how Quay's database is stored in plain-text in mirror-registry on the jinja's... High Unreviewed
CVE-2024-3624 was published Apr 25, 2024
A flaw was found when using mirror-registry to install Quay. It uses a default database secret... High Unreviewed
CVE-2024-3623 was published Apr 25, 2024
A flaw was found in Quay, where Quay's database is stored in plain text in mirror-registry on... High Unreviewed
CVE-2024-3625 was published Apr 25, 2024
A flaw was found when using mirror-registry to install Quay. It uses a default secret, which is... High Unreviewed
CVE-2024-3622 was published Apr 25, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database