GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,483
Composer 4,168
Erlang 30
GitHub Actions 19
Go 1,978
Maven 5,153
npm 3,698
NuGet 656
pip 3,315
Pub 11
RubyGems 882
Rust 832
Swift 35

Unreviewed advisories

All unreviewed 232,726

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

61 advisories

Filter by severity

Sort by

Least recently updated

Smart-tab Android app installed April 2023 or earlier contains an issue with plaintext storage of... Low Unreviewed

CVE-2024-42496 was published Sep 30, 2024

IBM Cognos Command Center 10.2.4.1 and 10.2.5 could disclose highly sensitive user information to... Moderate Unreviewed

CVE-2024-31899 was published Sep 26, 2024

Victure PC420 1.1.39 was discovered to contain a hardcoded root password which is stored in... High Unreviewed

CVE-2023-41610 was published Sep 18, 2024

Plaintext Storage of a Password vulnerability in Eliz Software Panel allows : Use of Known Domain... Critical Unreviewed

CVE-2024-5960 was published Sep 18, 2024

A vulnerability in the storage method of the PON Controller configuration file could allow an... High Unreviewed

CVE-2024-20489 was published Sep 11, 2024

An issue in Hathway Skyworth Router CM5100 v.4.1.1.24 allows a physically proximate attacker to... High Unreviewed

CVE-2024-44815 was published Sep 10, 2024

SAP NetWeaver AS for Java allows an authorized attacker to obtain sensitive information. The... Moderate Unreviewed

CVE-2024-45283 was published Sep 10, 2024

A vulnerability has been identified in LOGO! 12/24RCE (6ED1052-1MD08-0BA1) (All versions), LOGO!... Moderate Unreviewed

CVE-2024-39922 was published Aug 13, 2024

The front-end audit log allows viewing of unprotected plaintext passwords, where the passwords... High Unreviewed

CVE-2024-36460 was published Aug 12, 2024

A Plaintext Storage of a Password vulnerability in ebooknote function in Hamastar MeetingHub... Critical Unreviewed

CVE-2024-6118 was published Aug 5, 2024

A “CWE-256: Plaintext Storage of a Password” affecting the administrative account allows an... Moderate Unreviewed

CVE-2024-3082 was published Jul 31, 2024

DM5500 5.16.0.0, contains an information disclosure vulnerability. A local attacker with high... Low Unreviewed

CVE-2024-37135 was published Jul 31, 2024

An issue in Solar-Log 1000 before v2.8.2 and build 52-23.04.2013 was discovered to store... Unknown Unreviewed

CVE-2024-40116 was published Jul 26, 2024

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 stores user credentials in plain... Moderate Unreviewed

CVE-2024-39733 was published Jul 14, 2024

BAS-IP AV-01D, AV-01MD, AV-01MFD, AV-01ED, AV-01KD, AV-01BD, AV-01KBD, AV-02D, AV-02IDE, AV-02IDR... Moderate Unreviewed

CVE-2024-39220 was published Jul 3, 2024

LB-LINK BL-W1210M v2.0 was discovered to store user credentials in plaintext within the router's... Critical Unreviewed

CVE-2024-33375 was published Jun 14, 2024

Coredump binaries in Toshiba printers have incorrect permissions. A local attacker can steal... High Unreviewed

CVE-2024-27166 was published Jun 14, 2024

IBM Jazz Reporting Service 7.0.3 stores user credentials in plain clear text which can be read by... Moderate Unreviewed

CVE-2024-25052 was published Jun 13, 2024

Subiquity Shows Guided Storage Passphrase in Plaintext with Read-all Permissions High Unreviewed

CVE-2022-0555 was published Jun 3, 2024

An issue in Debezium Community debezium-ui v.2.5 allows a local attacker to execute arbitrary... High Unreviewed

CVE-2024-28736 was published May 31, 2024

Westermo EDW-100 devices through 2024-05-03 allow an unauthenticated user to download a... Critical Unreviewed

CVE-2024-36081 was published May 19, 2024

The access control in CemiPark software stores integration (e.g. FTP or SIP) credentials in plain... Moderate Unreviewed

CVE-2024-4425 was published May 14, 2024

This vulnerability exists in Digisol Router (DG-GR1321: Hardware version 3.7L; Firmware version ... Moderate Unreviewed

CVE-2024-4232 was published May 14, 2024

Dell Update Manager Plugin, versions 1.4.0 through 1.5.0, contains a Plain-text Password Storage... Low Unreviewed

CVE-2024-28971 was published May 8, 2024

Dell OpenManage Enterprise, versions 4.0.0 and 4.0.1, contains a sensitive information disclosure... Moderate Unreviewed

CVE-2024-28961 was published Apr 29, 2024

Previous 1 2 3 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

61 advisories