GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,591
Composer 4,209
Erlang 31
GitHub Actions 19
Go 1,988
Maven 5,170
npm 3,704
NuGet 661
pip 3,332
Pub 11
RubyGems 884
Rust 845
Swift 36

Unreviewed advisories

All unreviewed 234,231

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

447 advisories

Filter by severity

Sort by

Least recently updated

An issue was discovered in Solar-Log 500 before 2.8.2 Build 52 23.04.2013. In /export.html, email... Moderate Unreviewed

CVE-2021-34544 was published Dec 8, 2021

This vulnerability exists in TP-Link IoT Smart Hub due to storage of Wi-Fi credentials in plain... Moderate Unreviewed

CVE-2024-10523 was published Nov 4, 2024

A user with permission to log on to the machine hosting the AXIS Device Manager client could... Moderate Unreviewed

CVE-2021-31989 was published May 24, 2022

An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. When a backup file is created... Moderate Unreviewed

CVE-2020-11918 was published Nov 7, 2024

Insufficiently protected credentials in DAV server settings in 1C-Bitrix Bitrix24 23.300.100... Moderate Unreviewed

CVE-2024-34891 was published Nov 4, 2024

The OpenAI ChatGPT app before 2024-07-05 for macOS opts out of the sandbox, and stores... Low Unreviewed

CVE-2024-40594 was published Jul 6, 2024

An issue was discovered in Teledyne FLIR M300 2.00-19. User account passwords are encrypted... Low Unreviewed

CVE-2023-46294 was published May 1, 2024

Asus RT-N12+ B1 router stores user passwords in plaintext, which could allow local attackers to... High Unreviewed

CVE-2024-28327 was published Apr 26, 2024

No-IP Dynamic Update Client (DUC) v3.x uses cleartext credentials that may occur on a command... Critical Unreviewed

CVE-2024-40457 was published Sep 12, 2024

mintplex-labs/anything-llm version latest contains a vulnerability where sensitive information,... Moderate Unreviewed

CVE-2024-7783 was published Oct 29, 2024

This vulnerability exists in Philips lighting devices due to storage of Wi-Fi credentials in... High Unreviewed

CVE-2024-9991 was published Oct 25, 2024

A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition... High Unreviewed

CVE-2024-9466 was published Oct 9, 2024

The Danfoss AK-EM100 stores login credentials in cleartext. High Unreviewed

CVE-2023-22584 was published Jun 11, 2023

CWE-312: Cleartext Storage of Sensitive Information vulnerability exists that exposes test... High Unreviewed

CVE-2024-8070 was published Oct 13, 2024

The health endpoint is public so everybody can see a list of all services. It is potentially... Critical Unreviewed

CVE-2024-9798 was published Oct 10, 2024

The conformance validation endpoint is public so everybody can verify the conformance of... Moderate Unreviewed

CVE-2024-9802 was published Oct 10, 2024

In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: dcp: fix leak... Moderate Unreviewed

CVE-2024-45004 was published Sep 4, 2024

A vulnerability in the Cisco Nexus Dashboard Fabric Controller (NDFC) software, formerly Cisco... Moderate Unreviewed

CVE-2024-20448 was published Oct 2, 2024

Cleartext Storage of Sensitive Information in a Cookie vulnerability in Oceanic Software ValeApp... Critical Unreviewed

CVE-2024-8644 was published Sep 27, 2024

An unauthorized user is able to gain access to sensitive data, including credentials, by... High Unreviewed

CVE-2024-38280 was published Jun 13, 2024

In Infinera TNMS (Transcend Network Management System) 19.10.3, cleartext storage of sensitive... High Unreviewed

CVE-2024-25661 was published Oct 1, 2024

An issue was discovered in Infinera hiT 7300 5.60.50. Cleartext storage of sensitive information... Moderate Unreviewed

CVE-2024-28807 was published Sep 30, 2024

An issue was discovered in Infinera hiT 7300 5.60.50. Sensitive information inside diagnostic... Moderate Unreviewed

CVE-2024-28810 was published Sep 30, 2024

An issue was discovered in Infinera hiT 7300 5.60.50. Cleartext storage of sensitive password in... High Unreviewed

CVE-2024-28809 was published Sep 30, 2024

Kastle Systems firmware prior to May 1, 2024, stored machine credentials in cleartext, which may... High Unreviewed

CVE-2024-45862 was published Sep 19, 2024

Previous 1 2 3 4 5 … 17 18 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

447 advisories