GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
69 advisories
Filter by severity
Subiquity Shows Guided Storage Passphrase in Plaintext with Read-all Permissions
High
Unreviewed
CVE-2022-0555
was published
Jun 3, 2024
An issue in Debezium Community debezium-ui v.2.5 allows a local attacker to execute arbitrary...
High
Unreviewed
CVE-2024-28736
was published
May 31, 2024
Westermo EDW-100 devices through 2024-05-03 allow an unauthenticated user to download a...
Critical
Unreviewed
CVE-2024-36081
was published
May 19, 2024
The access control in CemiPark software stores integration (e.g. FTP or SIP) credentials in plain...
Moderate
Unreviewed
CVE-2024-4425
was published
May 14, 2024
This vulnerability exists in Digisol Router (DG-GR1321: Hardware version 3.7L; Firmware version ...
Moderate
Unreviewed
CVE-2024-4232
was published
May 14, 2024
Dell Update Manager Plugin, versions 1.4.0 through 1.5.0, contains a Plain-text Password Storage...
Low
Unreviewed
CVE-2024-28971
was published
May 8, 2024
Dell OpenManage Enterprise, versions 4.0.0 and 4.0.1, contains a sensitive information disclosure...
Moderate
Unreviewed
CVE-2024-28961
was published
Apr 29, 2024
Asus RT-N12+ B1 router stores credentials in cleartext, which could allow local attackers to...
Moderate
Unreviewed
CVE-2024-28325
was published
Apr 26, 2024
A flaw was found when using mirror-registry to install Quay. It uses a default database secret...
High
Unreviewed
CVE-2024-3623
was published
Apr 25, 2024
A flaw was found in how Quay's database is stored in plain-text in mirror-registry on the jinja's...
High
Unreviewed
CVE-2024-3624
was published
Apr 25, 2024
A flaw was found when using mirror-registry to install Quay. It uses a default secret, which is...
High
Unreviewed
CVE-2024-3622
was published
Apr 25, 2024
A flaw was found in Quay, where Quay's database is stored in plain text in mirror-registry on...
High
Unreviewed
CVE-2024-3625
was published
Apr 25, 2024
IBM QRadar Suite Software 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0...
Moderate
Unreviewed
CVE-2024-28782
was published
Apr 3, 2024
In AutomationDirect C-MORE EA9 HMI,
credentials used by the platform are stored as plain text...
Moderate
Unreviewed
CVE-2024-25138
was published
Mar 27, 2024
IBM Storage Defender - Resiliency Service 2.0 stores user credentials in plain clear text which...
Moderate
Unreviewed
CVE-2024-22312
was published
Feb 10, 2024
Plaintext Storage of a Password vulnerability in Mia Technology Inc. MİA-MED allows Read...
High
Unreviewed
CVE-2023-6518
was published
Feb 8, 2024
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product stores...
Moderate
Unreviewed
CVE-2024-21869
was published
Feb 2, 2024
Networker 19.9 and all prior versions contains a Plain-text Password stored in temporary config...
High
Unreviewed
CVE-2024-22432
was published
Jan 25, 2024
Dell DM5500 5.14.0.0, contain a Plain-text Password Storage Vulnerability in PPOE. A local...
Moderate
Unreviewed
CVE-2023-44300
was published
Dec 4, 2023
EisBaer Scada - CWE-256: Plaintext Storage of a Password
Critical
Unreviewed
CVE-2023-42493
was published
Oct 25, 2023
Eaton easySoft software is used to program easy controllers and displays for configuring,...
Moderate
Unreviewed
CVE-2023-43777
was published
Oct 17, 2023
SnapGathers versions prior to 4.9 are susceptible to a vulnerability
which could allow a local...
Moderate
Unreviewed
CVE-2023-27315
was published
Oct 12, 2023
** UNSUPPPORTED WHEN ASSIGNED ** The web application stores credentials in clear text in the ...
Moderate
Unreviewed
CVE-2022-47561
was published
Sep 20, 2023
** UNSUPPPORTED WHEN ASSIGNED **
The web application that owns the device clearly...
High
Unreviewed
CVE-2023-39452
was published
Sep 18, 2023
A flaw was found in OpenStack. Multiple components show plain-text passwords in /var/log/messages...
High
Unreviewed
CVE-2022-3261
was published
Sep 15, 2023
ProTip!
Advisories are also available from the
GraphQL API