GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
32 advisories
Filter by severity
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9
could allow a privileged user to...
Moderate
Unreviewed
CVE-2023-50956
was published
Dec 18, 2024
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9
stores user credentials in...
Moderate
Unreviewed
CVE-2024-52361
was published
Dec 18, 2024
A vulnerability in the storage of proxy server credentials of Cisco Firepower Management Center ...
Moderate
Unreviewed
CVE-2021-1126
was published
May 24, 2022
User passwords are decrypted and stored on memory before any user logged in. Those decrypted...
Moderate
Unreviewed
CVE-2024-29978
was published
Nov 26, 2024
IBM Workload Scheduler 9.5, 10.1, and 10.2 stores user credentials in plain text which can be...
Moderate
Unreviewed
CVE-2024-49351
was published
Nov 26, 2024
IBM Cognos Command Center 10.2.4.1 and 10.2.5 could disclose highly sensitive user information to...
Moderate
Unreviewed
CVE-2024-31899
was published
Sep 26, 2024
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 stores user credentials in plain...
Moderate
Unreviewed
CVE-2024-39733
was published
Jul 14, 2024
SAP NetWeaver AS for Java allows an authorized attacker to obtain sensitive information. The...
Moderate
Unreviewed
CVE-2024-45283
was published
Sep 10, 2024
A vulnerability has been identified in LOGO! 12/24RCE (6ED1052-1MD08-0BA1) (All versions), LOGO!...
Moderate
Unreviewed
CVE-2024-39922
was published
Aug 13, 2024
A “CWE-256: Plaintext Storage of a Password” affecting the administrative account allows an...
Moderate
Unreviewed
CVE-2024-3082
was published
Jul 31, 2024
IBM Jazz Reporting Service 7.0.3 stores user credentials in plain clear text which can be read by...
Moderate
Unreviewed
CVE-2024-25052
was published
Jun 13, 2024
This vulnerability exists in Digisol Router (DG-GR1321: Hardware version 3.7L; Firmware version ...
Moderate
Unreviewed
CVE-2024-4232
was published
May 14, 2024
BAS-IP AV-01D, AV-01MD, AV-01MFD, AV-01ED, AV-01KD, AV-01BD, AV-01KBD, AV-02D, AV-02IDE, AV-02IDR...
Moderate
Unreviewed
CVE-2024-39220
was published
Jul 3, 2024
The access control in CemiPark software stores integration (e.g. FTP or SIP) credentials in plain...
Moderate
Unreviewed
CVE-2024-4425
was published
May 14, 2024
Asus RT-N12+ B1 router stores credentials in cleartext, which could allow local attackers to...
Moderate
Unreviewed
CVE-2024-28325
was published
Apr 26, 2024
Dell OpenManage Enterprise, versions 4.0.0 and 4.0.1, contains a sensitive information disclosure...
Moderate
Unreviewed
CVE-2024-28961
was published
Apr 29, 2024
Eaton easySoft software is used to program easy controllers and displays for configuring,...
Moderate
Unreviewed
CVE-2023-43777
was published
Oct 17, 2023
SnapGathers versions prior to 4.9 are susceptible to a vulnerability
which could allow a local...
Moderate
Unreviewed
CVE-2023-27315
was published
Oct 12, 2023
A password management vulnerability in Skyhigh Secure Web Gateway (SWG) in main releases 11.x...
Moderate
Unreviewed
CVE-2023-4400
was published
Sep 13, 2023
PiiGAB M-Bus stores credentials in a plaintext file, which could allow a low-level user...
Moderate
Unreviewed
CVE-2023-35765
was published
Jul 7, 2023
Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior store passwords in a plaintext file...
Moderate
Unreviewed
CVE-2023-22389
was published
Jul 6, 2023
?All versions of the TWinSoft Configuration Tool store encrypted passwords as plaintext in...
Moderate
Unreviewed
CVE-2023-3395
was published
Jul 3, 2023
The Dataprobe cloud usernames and passwords are stored in plain text in a specific file. Any user...
Moderate
Unreviewed
CVE-2022-4945
was published
May 23, 2023
An Unprotected Storage of Credentials vulnerability in the identity and access management...
Moderate
Unreviewed
CVE-2019-0072
was published
May 24, 2022
IBM QRadar Suite Software 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0...
Moderate
Unreviewed
CVE-2024-28782
was published
Apr 3, 2024
ProTip!
Advisories are also available from the
GraphQL API