GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
253 advisories
Filter by severity
IBM Security Guardium Insights 2.0.2 stores user credentials in plain in clear text which can be...
Moderate
Unreviewed
CVE-2020-4604
was published
May 24, 2022
IBM Security Guardium Data Encryption (GDE) 3.0.0.2 stores sensitive information in URL...
Moderate
Unreviewed
CVE-2019-4687
was published
May 24, 2022
A flaw was found in ceph in versions prior to 16.y.z where ceph stores mgr module passwords in...
Moderate
Unreviewed
CVE-2020-25678
was published
May 24, 2022
Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage...
Moderate
Unreviewed
CVE-2020-29502
was published
May 24, 2022
Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage...
Moderate
Unreviewed
CVE-2020-29500
was published
May 24, 2022
Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage...
Moderate
Unreviewed
CVE-2020-29501
was published
May 24, 2022
Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.0.4.0.5.012 contains a plain-text...
Moderate
Unreviewed
CVE-2020-29489
was published
May 24, 2022
GigaVUE-OS (GVOS) 5.4 - 5.9 stores a Redis database password in plaintext.
Moderate
Unreviewed
CVE-2020-23249
was published
May 24, 2022
NCH Express Accounts 8.24 and earlier allows local users to discover the cleartext password by...
Moderate
Unreviewed
CVE-2020-13473
was published
May 24, 2022
IBM Security Secret Server 10.6 stores potentially sensitive information in config files that...
Moderate
Unreviewed
CVE-2020-4843
was published
May 24, 2022
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 and 6.0.0.0 through 6.0.3.1...
Moderate
Unreviewed
CVE-2019-4738
was published
May 24, 2022
Ceph-ansible 4.0.34.1 creates /etc/ceph/iscsi-gateway.conf with insecure default permissions,...
Moderate
Unreviewed
CVE-2020-25677
was published
May 24, 2022
An issue was discovered in the view_statistics (aka View frontend statistics) extension before 2...
Moderate
Unreviewed
CVE-2020-28917
was published
May 24, 2022
Unprotected Storage of Credentials vulnerability in BASETech GE-131 BT-1837836 firmware 20180921...
Moderate
Unreviewed
CVE-2020-27557
was published
May 24, 2022
The implementation of Brave Desktop's privacy-preserving analytics system (P3A) between 1.1 and 1...
Moderate
Unreviewed
CVE-2020-8276
was published
May 24, 2022
A cleartext storage of sensitive information vulnerability in FortiOS command line interface in...
Moderate
Unreviewed
CVE-2020-6648
was published
May 24, 2022
Baxter ExactaMix EM 2400 Versions 1.10, 1.11 and ExactaMix EM1200 Versions 1.1, 1.2 systems store...
Moderate
Unreviewed
CVE-2020-12032
was published
May 24, 2022
An issue was discovered in the stashcat app through 3.9.2 for macOS, Windows, Android, iOS, and...
Moderate
Unreviewed
CVE-2020-13637
was published
May 24, 2022
A cleartext storage in a file or on disk (CWE-313) vulnerability in FortiOS SSL VPN 6.2.2 and...
Moderate
Unreviewed
CVE-2019-17655
was published
May 24, 2022
If LibreOffice has an encrypted document open and crashes, that document is auto-saved encrypted....
Moderate
Unreviewed
CVE-2020-12801
was published
May 24, 2022
A flaw was found in OpenShift Container Platform where OAuth tokens are not encrypted when the...
Moderate
Unreviewed
CVE-2020-10706
was published
May 24, 2022
In Rukovoditel 2.5.2, users' passwords and usernames are stored in a cookie with URL encoding,...
Moderate
Unreviewed
CVE-2020-11821
was published
May 24, 2022
In JetBrains PyCharm 2019.2.5 and 2019.3 on Windows, Apple Notarization Service credentials were...
Moderate
Unreviewed
CVE-2020-11694
was published
May 24, 2022
D-Link DSL-2875AL and DSL-2877AL devices through 1.00.05 are prone to information disclosure via...
Moderate
Unreviewed
CVE-2019-15656
was published
May 24, 2022
A vulnerability was found in business-central, as shipped in rhdm-7.5.1 and rhpam-7.5.1, where...
Moderate
Unreviewed
CVE-2019-14886
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API