Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,478
Erlang
33
GitHub Actions
24
Go
2,208
Maven
5,000+
npm
3,865
NuGet
696
pip
3,642
Pub
12
RubyGems
913
Rust
919
Swift
38
Unreviewed advisories
All unreviewed
5,000+

181 advisories

Loading
A security vulnerability exists in Zingbox Inspector versions 1.294 and earlier, that results in... High Unreviewed
CVE-2019-15023 was published May 24, 2022
In Lenovo xClarity Administrator versions earlier than 2.1.0, an attacker that gains access to... High Unreviewed
CVE-2018-9065 was published May 13, 2022
Plaintext Storage of Sensitive Information in Laravel Log Viewer before v0.13.0 High
CVE-2018-8947 was published for rap2hpoutre/laravel-log-viewer (Composer) May 13, 2022
The "Photo,Video Locker-Calculator" application 12.0 for Android has android:allowBackup="true"... High Unreviewed
CVE-2017-16835 was published May 13, 2022
Encryption key exposure in firmware in iSmartAlarm CubeOne version 2.2.4.8 and earlier allows... High Unreviewed
CVE-2017-13663 was published May 13, 2022
IBM InfoSphere Master Data Management Server 11.0 - 11.6 stores user credentials in plain in... High Unreviewed
CVE-2017-1309 was published May 13, 2022
An Cleartext Storage of Sensitive Information issue was discovered in General Motors (GM) and... High Unreviewed
CVE-2017-9663 was published May 13, 2022
A vulnerability in the Policy and Charging Rules Function (PCRF) of the Cisco Policy Suite (CPS)... High Unreviewed
CVE-2018-0089 was published May 13, 2022
389-ds-base before versions 1.3.8.5, 1.4.0.12 is vulnerable to a Cleartext Storage of Sensitive... High Unreviewed
CVE-2018-10871 was published May 13, 2022
IBM Robotic Process Automation with Automation Anywhere 11 could store highly sensitive... High Unreviewed
CVE-2018-1877 was published May 13, 2022
The Milwaukee ONE-KEY Android mobile application stores the master token in plaintext in the apk... High Unreviewed
CVE-2017-3214 was published May 13, 2022
Avast Free Antivirus prior to 19.1.2360 stores user credentials in memory upon login, which... High Unreviewed
CVE-2018-12572 was published May 13, 2022
Pilz PNOZmulti Configurator prior to version 10.9 allows an authenticated attacker with local... High Unreviewed
CVE-2018-19009 was published May 13, 2022
Amazon AWS SDK <=2.8.5 for Android uses Android SharedPreferences to store plain text AWS STS... High Unreviewed
CVE-2018-19981 was published May 13, 2022
Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to discover cleartext... High Unreviewed
CVE-2016-0876 was published May 13, 2022
During an update of SAP BusinessObjects Enterprise, Central Management Server (CMS) - versions... High Unreviewed
CVE-2022-28214 was published May 12, 2022
D-Link DSL-504T stores usernames and passwords in cleartext in the router configuration file,... High Unreviewed
CVE-2005-1828 was published May 1, 2022
Xitami 2.4 through 2.5 b4 stores the Administrator password in plaintext in the default.aut file,... High Unreviewed
CVE-2001-1481 was published Apr 30, 2022
VeryFitPro (com.veryfit2hr.second) 3.2.8 hashes the account's password locally on the device and... High Unreviewed
CVE-2021-36460 was published Apr 26, 2022
There is a file disclosure vulnerability in SMF (Simple Machines Forum) affecting versions... High Unreviewed
CVE-2009-5068 was published Apr 21, 2022
" Insecure password storage issue.The application stores sensitive information in cleartext... High Unreviewed
CVE-2021-27757 was published Mar 5, 2022
A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores... High Unreviewed
CVE-2021-3551 was published Feb 17, 2022
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS... High Unreviewed
CVE-2021-40363 was published Feb 10, 2022
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct... High Unreviewed
CVE-2021-42642 was published Feb 9, 2022
Charactell - FormStorm Enterprise Account takeover – An attacker can modify (add, remove and... High Unreviewed
CVE-2022-22789 was published Jan 26, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database