GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
22 advisories
Filter by severity
The Redis data structure component used in ABB eSOMS versions 6.0 to 6.0.2 stores credentials in...
Low
Unreviewed
CVE-2019-19096
was published
May 24, 2022
ZOLL Defibrillator Dashboard, v prior to 2.2,The application allows users to store their...
High
Unreviewed
CVE-2021-27485
was published
May 24, 2022
Affected devices store the CLI user passwords encrypted in flash memory. Attackers with physical...
Moderate
Unreviewed
CVE-2022-46142
was published
Dec 13, 2022
A CWE-257: Storing Passwords in a Recoverable Format vulnerability exists that could result in...
Critical
Unreviewed
CVE-2022-32519
was published
Jan 31, 2023
Akuvox E11 uses a weak encryption algorithm for stored passwords and uses a hard-coded password...
Critical
Unreviewed
CVE-2023-0353
was published
Mar 13, 2023
A Storing Passwords in a Recoverable Format vulnerability in the Schweitzer Engineering...
Moderate
Unreviewed
CVE-2023-31150
was published
May 10, 2023
Pimcore customers' list user password hash is disclosed
Moderate
CVE-2023-2881
was published
for
pimcore/customer-management-framework-bundle
(Composer)
May 25, 2023
The Alaris Infusion Central software, versions 1.1 to 1.3.2, may contain a recoverable password...
High
Unreviewed
CVE-2022-47376
was published
Jun 13, 2023
Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.5.0.0 and 9.3.0.4,...
Moderate
Unreviewed
CVE-2023-2358
was published
Sep 27, 2023
A vulnerability has been identified in NPort 6000 Series, making the authentication mechanism...
High
Unreviewed
CVE-2023-5627
was published
Nov 1, 2023
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0...
Moderate
Unreviewed
CVE-2023-31001
was published
Jan 11, 2024
IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in a OpenPages...
Moderate
Unreviewed
CVE-2023-38738
was published
Jan 19, 2024
Unitronics Vision Standard line of controllers allow the Information Mode password to be...
High
Unreviewed
CVE-2024-1480
was published
Apr 20, 2024
Use of reversible password encryption algorithm allows attackers to decrypt passwords. ...
Moderate
Unreviewed
CVE-2024-3543
was published
May 2, 2024
Claris International has successfully resolved an issue of potentially exposing password...
Moderate
Unreviewed
CVE-2023-42955
was published
May 14, 2024
The key used to encrypt passwords stored in the database can be found in
the
CyberPower...
Moderate
Unreviewed
CVE-2024-32042
was published
May 15, 2024
Under certain circumstances the Linux users credentials may be recovered by an authenticated user.
Moderate
Unreviewed
CVE-2024-32756
was published
Jul 2, 2024
Under certain circumstances the web interface users credentials may be recovered by an...
Moderate
Unreviewed
CVE-2024-32932
was published
Jul 2, 2024
The WP Mail SMTP plugin for WordPress is vulnerable to information exposure in all versions up to...
Low
Unreviewed
CVE-2024-6694
was published
Jul 20, 2024
TopQuadrant TopBraid EDG stores external credentials insecurely. An authenticated attacker with...
Low
Unreviewed
CVE-2024-45744
was published
Sep 27, 2024
A vulnerability in the web-based management interface of Cisco ATA 190 Series Multiplatform...
Moderate
Unreviewed
CVE-2024-20462
was published
Oct 16, 2024
User passwords are decrypted and stored on memory before any user logged in. Those decrypted...
Moderate
Unreviewed
CVE-2024-32151
was published
Nov 26, 2024
ProTip!
Advisories are also available from the
GraphQL API