GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,150
Composer 4,333
Erlang 31
GitHub Actions 22
Go 2,095
Maven 5,268
npm 3,762
NuGet 678
pip 3,447
Pub 12
RubyGems 892
Rust 882
Swift 37

Unreviewed advisories

All unreviewed 242,631

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

549 advisories

Filter by severity

Sort by

Least recently updated

In Hardware Sentry KM before 10.0.01 for BMC PATROL, a cleartext password may be discovered after... High Unreviewed

CVE-2021-31791 was published May 24, 2022

IBM Security Guardium Insights 2.0.2 stores user credentials in plain in clear text which can be... Moderate Unreviewed

CVE-2020-4604 was published May 24, 2022

IBM UrbanCode Deploy (UCD) 6.2.7.9, 7.0.5.4, and 7.1.1.1 stores user credentials in plain in... Moderate Unreviewed

CVE-2020-4884 was published May 24, 2022

IBM UrbanCode Deploy (UCD) 7.0.3.0, 7.0.4.0, 7.0.5.3, 7.0.5.4, 7.1.0.0, 7.1.1.0, 7.1.1.1, and 7.1... Moderate Unreviewed

CVE-2020-4944 was published May 24, 2022

IBM Security Guardium 11.2 discloses sensitive information in the response headers that could be... Moderate Unreviewed

CVE-2020-4189 was published May 24, 2022

Sensitive smart card data is logged in default INFO logs by Teradici's PCoIP Connection Manager... Moderate Unreviewed

CVE-2021-25692 was published May 24, 2022

The PassWork extension 5.0.9 for Chrome and other browsers allows an attacker to obtain cleartext... High Unreviewed

CVE-2022-42955 was published Nov 7, 2022

Some PON MDU devices of ZTE stored sensitive information in plaintext, and users with login... Moderate Unreviewed

CVE-2021-21734 was published May 24, 2022

An issue was discovered on FiberHome HG6245D devices through RP2613. wifictl_5g.cfg has cleartext... High Unreviewed

CVE-2021-27176 was published May 24, 2022

An issue was discovered on FiberHome HG6245D devices through RP2613. Some passwords are stored in... High Unreviewed

CVE-2021-27178 was published May 24, 2022

Brocade SANNav before version 2.1.1 contains an information disclosure vulnerability. Successful... Moderate Unreviewed

CVE-2020-15384 was published May 24, 2022

Telegram before 7.4 (212543) Stable on macOS stores the local passcode in cleartext, leading to... Moderate Unreviewed

CVE-2021-27204 was published May 24, 2022

TP-Link Archer C5v 1.7_181221 devices allows remote attackers to retrieve cleartext credentials... Moderate Unreviewed

CVE-2021-27210 was published May 24, 2022

TP-Link's TL-WPA4220 4.0.2 Build 20180308 Rel.37064 does not use SSL by default. Attacker on the... Moderate Unreviewed

CVE-2021-28858 was published May 24, 2022

The ownCloud application before 2.15 for Android allows attackers to use adb to include a PIN... Moderate Unreviewed

CVE-2020-36248 was published May 24, 2022

An issue was discovered in Couchbase Server before 6.0.5, 6.1.x through 6.5.x before 6.5.2, and 6... Moderate Unreviewed

CVE-2021-25645 was published May 24, 2022

In multiple managed switches by WAGO in different versions the webserver cookies of the web based... High Unreviewed

CVE-2021-20995 was published May 24, 2022

IBM Security Identity Manager 7.0.2 stores user credentials in plain clear text which can be read... Moderate Unreviewed

CVE-2021-29683 was published May 24, 2022

In Versa Director, the unencrypted backup files stored on the Versa deployment contain... Moderate Unreviewed

CVE-2018-16498 was published May 24, 2022

ZOLL Defibrillator Dashboard, v prior to 2.2, The affected products contain credentials stored in... Moderate Unreviewed

CVE-2021-27487 was published May 24, 2022

SafeNet KeySecure Management Console 8.12.0 is vulnerable to HTTP response splitting attacks. A... Moderate Unreviewed

CVE-2021-28979 was published May 24, 2022

OpenPGP secret keys that were imported using Thunderbird version 78.8.1 up to version 78.10.1... Moderate Unreviewed

CVE-2021-29956 was published May 24, 2022

An internal product security audit of Lenovo XClarity Controller (XCC) discovered that the XCC... Moderate Unreviewed

CVE-2021-3473 was published May 24, 2022

Wowza Streaming Engine through 4.8.5 (in a default installation) has cleartext passwords stored... Moderate Unreviewed

CVE-2021-31539 was published May 24, 2022

Dell EMC Unity, UnityVSA, and Unity XT versions prior to 5.0.7.0.5.008 contain a plain-text... Moderate Unreviewed

CVE-2021-21547 was published May 24, 2022

Previous 1 2 3 4 5 6 7 … 21 22 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

549 advisories