GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
296 advisories
Filter by severity
An issue was discovered in the MakeMyTrip application 7.2.4 for Android. The databases (locally...
Moderate
Unreviewed
CVE-2018-11242
was published
May 13, 2022
The Bitpie application through 3.2.4 for Android and iOS uses cleartext storage for digital...
Moderate
Unreviewed
CVE-2018-10812
was published
May 13, 2022
The Files APP 7.1.1.308 and earlier versions in some Huawei mobile phones has a vulnerability of...
Moderate
Unreviewed
CVE-2017-2723
was published
May 13, 2022
WordPress 4.8.2 stores cleartext wp_signups.activation_key values (but stores the analogous...
Moderate
Unreviewed
CVE-2017-14990
was published
May 13, 2022
EasyLobby Solo could allow a local attacker to obtain sensitive information, caused by the...
Moderate
Unreviewed
CVE-2018-17489
was published
May 13, 2022
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a local attacker to obtain...
Moderate
Unreviewed
CVE-2018-1621
was published
May 13, 2022
In Rapid7 Komand version 0.41.0 and prior, certain endpoints that are able to list the always...
Moderate
Unreviewed
CVE-2018-5559
was published
May 13, 2022
An exposed debugging endpoint in the browser in Google Chrome on Android prior to 72.0.3626.81...
Moderate
Unreviewed
CVE-2019-5765
was published
May 13, 2022
Data Leakage Attacks vulnerability in the web portal component when in an MDR pair in McAfee...
Moderate
Unreviewed
CVE-2019-3606
was published
May 13, 2022
Information Disclosure vulnerability in McAfee DXL Platform and TIE Server in DXL prior to 5.0.1...
Moderate
Unreviewed
CVE-2019-3612
was published
May 13, 2022
Medtronic CareLink 2090 Programmer CareLink 9790 Programmer 29901 Encore Programmer, all versions...
Moderate
Unreviewed
CVE-2018-18984
was published
May 13, 2022
The SSL layer of the HTTPS service in Siemens RuggedCom ROS before 4.2.0 and ROX II does not...
Moderate
Unreviewed
CVE-2015-5537
was published
May 13, 2022
In a certain atypical IBM Spectrum Protect 7.1 and 8.1 configurations, the node password could be...
Moderate
Unreviewed
CVE-2018-1882
was published
May 13, 2022
1Password for Mac 7.2.4 through 7.9.x before 7.9.3 is vulnerable to a process validation bypass....
Moderate
Unreviewed
CVE-2022-29868
was published
May 10, 2022
SanDisk Cruzer Enterprise USB flash drives use a fixed 256-bit key for obtaining access to the...
Moderate
Unreviewed
CVE-2010-0225
was published
May 2, 2022
The Huawei D100 stores the administrator's account name and password in cleartext in a cookie,...
Moderate
Unreviewed
CVE-2009-2272
was published
May 2, 2022
GE Fanuc Proficy Real-Time Information Portal 2.6 and earlier uses HTTP Basic Authentication,...
Moderate
Unreviewed
CVE-2008-0174
was published
May 1, 2022
IMail stores usernames and passwords in cleartext in a cookie, which allows remote attackers to...
Moderate
Unreviewed
CVE-2005-2160
was published
May 1, 2022
phpRank 1.8 stores the administrative password in plaintext on the server and in the "ap" cookie,...
Moderate
Unreviewed
CVE-2002-1800
was published
Apr 30, 2022
Autogalaxy stores usernames and passwords in cleartext in cookies, which makes it easier for...
Moderate
Unreviewed
CVE-2001-1536
was published
Apr 30, 2022
The default "basic" security setting' in config.php for TWIG webmail 2.7.4 and earlier stores...
Moderate
Unreviewed
CVE-2001-1537
was published
Apr 30, 2022
The web-based Management Console in Blue Coat Security Gateway OS 3.0 through 3.1.3.13 and 3.2.1,...
Moderate
Unreviewed
CVE-2004-2397
was published
Apr 29, 2022
qtnx 0.9 stores non-custom SSH keys in a world-readable configuration file. If a user has a world...
Moderate
Unreviewed
CVE-2011-2916
was published
Apr 22, 2022
IBM Security Guardium 10.5 stores user credentials in plain clear text which can be read by a...
Moderate
Unreviewed
CVE-2021-39078
was published
Apr 20, 2022
AVEVA System Platform 2020 stores sensitive information in cleartext, which may allow access to...
Moderate
Unreviewed
CVE-2022-0835
was published
Apr 12, 2022
ProTip!
Advisories are also available from the
GraphQL API