GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,952
Composer 4,782
Erlang 36
GitHub Actions 29
Go 2,347
Maven 5,667
npm 3,976
NuGet 720
pip 3,774
Pub 12
RubyGems 923
Rust 981
Swift 38

Unreviewed advisories

All unreviewed 260,244

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

379 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Jenkins Artifactory Plugin stored old directly entered credentials unencrypted on disk High

CVE-2018-1000424 was published for org.jenkins-ci.plugins:artifactory (Maven) May 13, 2022

Jenkins SonarQube Scanner Plugin stored server authentication token in plain text High

CVE-2018-1000425 was published for org.jenkins-ci.plugins:sonar (Maven) May 13, 2022

Envoy Passport for Android and Envoy Passport for iPhone could allow a local attacker to obtain... High Unreviewed

CVE-2018-17500 was published May 13, 2022

The PureVPN client before 6.1.0 for Windows stores Login Credentials (username and password) in... High Unreviewed

CVE-2018-18656 was published May 13, 2022

A plaintext password vulnerability in the Zyxel NAS 326 through 5.21 allows an elevated... High Unreviewed

CVE-2019-10630 was published May 13, 2022

** DISPUTED ** Kentico v10.0.42 allows Global Administrators to read the cleartext SMTP Password... High Unreviewed

CVE-2019-6242 was published May 13, 2022

Artica Proxy 3.06.200056 allows remote attackers to execute arbitrary commands as root by reading... High Unreviewed

CVE-2019-7300 was published May 13, 2022

An issue was discovered in the Web Console in Veritas NetBackup Appliance through 3.1.2. The... High Unreviewed

CVE-2019-9867 was published May 13, 2022

An issue was discovered in the Web Console in Veritas NetBackup Appliance through 3.1.2. The SMTP... High Unreviewed

CVE-2019-9868 was published May 13, 2022

OpenStack Identity Keystone and keystonemiddleware Insufficiently Protected Credentials High

CVE-2015-7546 was published for keystone (pip) May 13, 2022

In ovirt-engine 4.1, if a host was provisioned with cloud-init, the root password could be... High Unreviewed

CVE-2017-7510 was published May 13, 2022

ovirt-engine API and administration web portal before versions 4.2.2.5, 4.1.11.2 is vulnerable to... High Unreviewed

CVE-2018-1074 was published May 13, 2022

IBM Security Guardium EcoSystem 10.5 stores user credentials in plain in clear text which can be... High Unreviewed

CVE-2018-1498 was published May 13, 2022

A flaw was found in the way samba before 4.7.9 and 4.8.4 allowed the use of weak NTLMv1... High Unreviewed

CVE-2018-1139 was published May 13, 2022

Dell EMC Secure Remote Services, versions prior to 3.32.00.08, contains a Plaintext Password... High Unreviewed

CVE-2018-11079 was published May 13, 2022

A vulnerability was discovered in all versions of Medtronic MyCareLink 24950 and 24952 Patient... High Unreviewed

CVE-2018-10622 was published May 13, 2022

The Philips DoseWise Portal web-based application versions 1.1.7.333 and 2.1.1.3069 stores login... High Unreviewed

CVE-2017-9654 was published May 13, 2022

A design flaw in authentication in Synology Photo Station 6.0-2528 through 6.7.1-3419 allows... High Unreviewed

CVE-2017-9552 was published May 13, 2022

tpm2-tools versions before 1.1.1 are vulnerable to a password leak due to transmitting password... High Unreviewed

CVE-2017-7524 was published May 13, 2022

An Insufficiently Protected Credentials issue was discovered in Sierra Wireless AirLink Raven XE,... High Unreviewed

CVE-2017-6046 was published May 13, 2022

The skyring-setup command creates random password for mongodb skyring database but it writes... High Unreviewed

CVE-2017-2665 was published May 13, 2022

IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 does not require that... High Unreviewed

CVE-2017-1411 was published May 13, 2022

IBM BigFix Platform 9.5 - 9.5.9 stores user credentials in plain in clear text which can be read... High Unreviewed

CVE-2017-1231 was published May 13, 2022

An Unprotected Transport of Credentials issue was discovered in ABB Ellipse 8.3 through Ellipse 8... High Unreviewed

CVE-2017-16731 was published May 13, 2022

An Insufficiently Protected Credentials issue was discovered in LOYTEC LVIS-3ME versions prior to... High Unreviewed

CVE-2017-13998 was published May 13, 2022

Previous 1 2 3 4 5 … 15 16 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

379 advisories