GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
68 advisories
Filter by severity
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9
stores user credentials in...
Moderate
Unreviewed
CVE-2024-52361
was published
Dec 18, 2024
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9
could allow a privileged user to...
Moderate
Unreviewed
CVE-2023-50956
was published
Dec 18, 2024
User passwords are decrypted and stored on memory before any user logged in. Those decrypted...
Moderate
Unreviewed
CVE-2024-29978
was published
Nov 26, 2024
IBM Workload Scheduler 9.5, 10.1, and 10.2 stores user credentials in plain text which can be...
Moderate
Unreviewed
CVE-2024-49351
was published
Nov 26, 2024
IBM Cognos Command Center 10.2.4.1 and 10.2.5 could disclose highly sensitive user information to...
Moderate
Unreviewed
CVE-2024-31899
was published
Sep 26, 2024
SAP NetWeaver AS for Java allows an authorized attacker to obtain sensitive information. The...
Moderate
Unreviewed
CVE-2024-45283
was published
Sep 10, 2024
A vulnerability has been identified in LOGO! 12/24RCE (6ED1052-1MD08-0BA1) (All versions), LOGO!...
Moderate
Unreviewed
CVE-2024-39922
was published
Aug 13, 2024
A “CWE-256: Plaintext Storage of a Password” affecting the administrative account allows an...
Moderate
Unreviewed
CVE-2024-3082
was published
Jul 31, 2024
Zowe CLI allows storage of previously entered secure credentials in a plaintext file
Moderate
CVE-2024-6833
was published
for
@zowe/cli
(npm)
Jul 17, 2024
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 stores user credentials in plain...
Moderate
Unreviewed
CVE-2024-39733
was published
Jul 14, 2024
BAS-IP AV-01D, AV-01MD, AV-01MFD, AV-01ED, AV-01KD, AV-01BD, AV-01KBD, AV-02D, AV-02IDE, AV-02IDR...
Moderate
Unreviewed
CVE-2024-39220
was published
Jul 3, 2024
IBM Jazz Reporting Service 7.0.3 stores user credentials in plain clear text which can be read by...
Moderate
Unreviewed
CVE-2024-25052
was published
Jun 13, 2024
TYPO3 Information Disclosure in User Authentication
Moderate
GHSA-wj85-rg5g-v8jm
was published
for
typo3/cms-core
(Composer)
May 30, 2024
The access control in CemiPark software stores integration (e.g. FTP or SIP) credentials in plain...
Moderate
Unreviewed
CVE-2024-4425
was published
May 14, 2024
This vulnerability exists in Digisol Router (DG-GR1321: Hardware version 3.7L; Firmware version ...
Moderate
Unreviewed
CVE-2024-4232
was published
May 14, 2024
Dell OpenManage Enterprise, versions 4.0.0 and 4.0.1, contains a sensitive information disclosure...
Moderate
Unreviewed
CVE-2024-28961
was published
Apr 29, 2024
Asus RT-N12+ B1 router stores credentials in cleartext, which could allow local attackers to...
Moderate
Unreviewed
CVE-2024-28325
was published
Apr 26, 2024
IBM QRadar Suite Software 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0...
Moderate
Unreviewed
CVE-2024-28782
was published
Apr 3, 2024
In AutomationDirect C-MORE EA9 HMI,
credentials used by the platform are stored as plain text...
Moderate
Unreviewed
CVE-2024-25138
was published
Mar 27, 2024
IBM Storage Defender - Resiliency Service 2.0 stores user credentials in plain clear text which...
Moderate
Unreviewed
CVE-2024-22312
was published
Feb 10, 2024
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product stores...
Moderate
Unreviewed
CVE-2024-21869
was published
Feb 2, 2024
Dell DM5500 5.14.0.0, contain a Plain-text Password Storage Vulnerability in PPOE. A local...
Moderate
Unreviewed
CVE-2023-44300
was published
Dec 4, 2023
Clear Text Credentials Exposed via Onboarding Task
Moderate
CVE-2023-48700
was published
for
nautobot-device-onboarding
(pip)
Nov 21, 2023
Eaton easySoft software is used to program easy controllers and displays for configuring,...
Moderate
Unreviewed
CVE-2023-43777
was published
Oct 17, 2023
SnapGathers versions prior to 4.9 are susceptible to a vulnerability
which could allow a local...
Moderate
Unreviewed
CVE-2023-27315
was published
Oct 12, 2023
ProTip!
Advisories are also available from the
GraphQL API