GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
30 advisories
Filter by severity
Jenkins jira-ext Plugin stores credentials unencrypted
High
CVE-2019-10302
was published
for
org.jenkins-ci.plugins:jira-ext
(Maven)
May 24, 2022
A vulnerability has been identified in LOGO!8 BM (All versions). Unencrypted storage of passwords...
High
Unreviewed
CVE-2019-10921
was published
May 24, 2022
Plaintext password storage in Jenkins InfluxDB Plugin
High
CVE-2019-10329
was published
for
org.jenkins-ci.plugins:influxdb
(Maven)
May 24, 2022
PowerStore contains Plain-Text Password Storage Vulnerability in PowerStore X & T environments...
High
Unreviewed
CVE-2022-22557
was published
Jun 3, 2022
Rundeck's Key Storage converter plugin mechanism's encryption layer not working in 4.2.0, 4.2.1, 4.3.0
High
CVE-2022-31044
was published
for
org.rundeck:rundeck
(Maven)
Jun 17, 2022
The CODESYS OPC DA Server prior V3.5.18.20 stores PLC passwords as plain text in its...
High
Unreviewed
CVE-2022-1794
was published
Jul 12, 2022
Plaintext storage of sensitive data in Rancher API and cluster.management.cattle.io objects
High
CVE-2022-43757
was published
for
github.com/rancher/rancher
(Go)
Jan 25, 2023
Plaintext Storage of a Password vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F...
High
Unreviewed
CVE-2023-0457
was published
Mar 3, 2023
Plaintext Storage of a Password vulnerability in Secomea GateManager (USB wizard) allows...
High
Unreviewed
CVE-2022-4308
was published
Apr 19, 2023
Plaintext Storage of a Password vulnerability in Infodrom Software E-Invoice Approval System...
High
Unreviewed
CVE-2023-35067
was published
Jul 25, 2023
?Softneta MedDream PACS stores usernames and passwords in plaintext. The plaintext storage could...
High
Unreviewed
CVE-2023-39227
was published
Sep 11, 2023
Keycloak vulnerable to Plaintext Storage of User Password
High
CVE-2023-4918
was published
for
org.keycloak:keycloak-core
(Maven)
Sep 12, 2023
A flaw was found in OpenStack. Multiple components show plain-text passwords in /var/log/messages...
High
Unreviewed
CVE-2022-3261
was published
Sep 15, 2023
** UNSUPPPORTED WHEN ASSIGNED **
The web application that owns the device clearly...
High
Unreviewed
CVE-2023-39452
was published
Sep 18, 2023
Networker 19.9 and all prior versions contains a Plain-text Password stored in temporary config...
High
Unreviewed
CVE-2024-22432
was published
Jan 25, 2024
Plaintext Storage of a Password vulnerability in Mia Technology Inc. MİA-MED allows Read...
High
Unreviewed
CVE-2023-6518
was published
Feb 8, 2024
A flaw was found when using mirror-registry to install Quay. It uses a default database secret...
High
Unreviewed
CVE-2024-3623
was published
Apr 25, 2024
A flaw was found in how Quay's database is stored in plain-text in mirror-registry on the jinja's...
High
Unreviewed
CVE-2024-3624
was published
Apr 25, 2024
A flaw was found when using mirror-registry to install Quay. It uses a default secret, which is...
High
Unreviewed
CVE-2024-3622
was published
Apr 25, 2024
A flaw was found in Quay, where Quay's database is stored in plain text in mirror-registry on...
High
Unreviewed
CVE-2024-3625
was published
Apr 25, 2024
An issue in Debezium Community debezium-ui v.2.5 allows a local attacker to execute arbitrary...
High
Unreviewed
CVE-2024-28736
was published
May 31, 2024
Subiquity Shows Guided Storage Passphrase in Plaintext with Read-all Permissions
High
Unreviewed
CVE-2022-0555
was published
Jun 3, 2024
Coredump binaries in Toshiba printers have incorrect permissions. A local attacker can steal...
High
Unreviewed
CVE-2024-27166
was published
Jun 14, 2024
Rancher's RKE1 Encryption Config kept in plain-text within cluster AppliedSpec
High
CVE-2024-22032
was published
for
github.com/rancher/rancher
(Go)
Jun 17, 2024
The front-end audit log allows viewing of unprotected plaintext passwords, where the passwords...
High
Unreviewed
CVE-2024-36460
was published
Aug 12, 2024
ProTip!
Advisories are also available from the
GraphQL API