GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
168 advisories
Filter by severity
Amazon AWS SDK <=2.8.5 for Android uses Android SharedPreferences to store plain text AWS STS...
High
Unreviewed
CVE-2018-19981
was published
May 13, 2022
Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to discover cleartext...
High
Unreviewed
CVE-2016-0876
was published
May 13, 2022
During an update of SAP BusinessObjects Enterprise, Central Management Server (CMS) - versions...
High
Unreviewed
CVE-2022-28214
was published
May 12, 2022
D-Link DSL-504T stores usernames and passwords in cleartext in the router configuration file,...
High
Unreviewed
CVE-2005-1828
was published
May 1, 2022
Xitami 2.4 through 2.5 b4 stores the Administrator password in plaintext in the default.aut file,...
High
Unreviewed
CVE-2001-1481
was published
Apr 30, 2022
VeryFitPro (com.veryfit2hr.second) 3.2.8 hashes the account's password locally on the device and...
High
Unreviewed
CVE-2021-36460
was published
Apr 26, 2022
There is a file disclosure vulnerability in SMF (Simple Machines Forum) affecting versions...
High
Unreviewed
CVE-2009-5068
was published
Apr 21, 2022
" Insecure password storage issue.The application stores sensitive information in cleartext...
High
Unreviewed
CVE-2021-27757
was published
Mar 5, 2022
A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores...
High
Unreviewed
CVE-2021-3551
was published
Feb 17, 2022
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS...
High
Unreviewed
CVE-2021-40363
was published
Feb 10, 2022
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct...
High
Unreviewed
CVE-2021-42642
was published
Feb 9, 2022
Charactell - FormStorm Enterprise Account takeover – An attacker can modify (add, remove and...
High
Unreviewed
CVE-2022-22789
was published
Jan 26, 2022
Plaintext storage of a password vulnerability in IDEC PLCs (FC6A Series MICROSmart All-in-One CPU...
High
Unreviewed
CVE-2021-20827
was published
Dec 25, 2021
Unisys Cargo Mobile Application before 1.2.29 uses cleartext to store sensitive information,...
High
Unreviewed
CVE-2021-43388
was published
Dec 15, 2021
django-celery-results Stores Sensitive Information In Cleartext
High
CVE-2020-17495
was published
for
django-celery-results
(pip)
Jun 4, 2021
Cleartext storage of session identifier
High
CVE-2020-26228
was published
for
typo3/cms
(Composer)
Nov 23, 2020
django-nopassword stores secrets in cleartext
High
CVE-2019-10682
was published
for
django-nopassword
(pip)
Jun 5, 2020
Sensitive data written to disk unencrypted in Spark
High
CVE-2019-10099
was published
for
org.apache.spark:spark-core_2.11
(Maven)
Aug 8, 2019
ProTip!
Advisories are also available from the
GraphQL API