GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
296 advisories
Filter by severity
IBM Security Guardium Insights 2.0.2 stores user credentials in plain in clear text which can be...
Moderate
Unreviewed
CVE-2020-4604
was published
May 24, 2022
IBM Security Guardium Data Encryption (GDE) 3.0.0.2 stores sensitive information in URL...
Moderate
Unreviewed
CVE-2019-4687
was published
May 24, 2022
A flaw was found in ceph in versions prior to 16.y.z where ceph stores mgr module passwords in...
Moderate
Unreviewed
CVE-2020-25678
was published
May 24, 2022
Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage...
Moderate
Unreviewed
CVE-2020-29502
was published
May 24, 2022
Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage...
Moderate
Unreviewed
CVE-2020-29500
was published
May 24, 2022
Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage...
Moderate
Unreviewed
CVE-2020-29501
was published
May 24, 2022
Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.0.4.0.5.012 contains a plain-text...
Moderate
Unreviewed
CVE-2020-29489
was published
May 24, 2022
GigaVUE-OS (GVOS) 5.4 - 5.9 stores a Redis database password in plaintext.
Moderate
Unreviewed
CVE-2020-23249
was published
May 24, 2022
NCH Express Accounts 8.24 and earlier allows local users to discover the cleartext password by...
Moderate
Unreviewed
CVE-2020-13473
was published
May 24, 2022
IBM Security Secret Server 10.6 stores potentially sensitive information in config files that...
Moderate
Unreviewed
CVE-2020-4843
was published
May 24, 2022
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 and 6.0.0.0 through 6.0.3.1...
Moderate
Unreviewed
CVE-2019-4738
was published
May 24, 2022
Ceph-ansible 4.0.34.1 creates /etc/ceph/iscsi-gateway.conf with insecure default permissions,...
Moderate
Unreviewed
CVE-2020-25677
was published
May 24, 2022
An issue was discovered in the view_statistics (aka View frontend statistics) extension before 2...
Moderate
Unreviewed
CVE-2020-28917
was published
May 24, 2022
Unprotected Storage of Credentials vulnerability in BASETech GE-131 BT-1837836 firmware 20180921...
Moderate
Unreviewed
CVE-2020-27557
was published
May 24, 2022
The implementation of Brave Desktop's privacy-preserving analytics system (P3A) between 1.1 and 1...
Moderate
Unreviewed
CVE-2020-8276
was published
May 24, 2022
A cleartext storage of sensitive information vulnerability in FortiOS command line interface in...
Moderate
Unreviewed
CVE-2020-6648
was published
May 24, 2022
Passwords stored in plain text by ElasTest Plugin
Moderate
CVE-2020-2274
was published
for
org.jenkins-ci.plugins:elastest
(Maven)
May 24, 2022
Baxter ExactaMix EM 2400 Versions 1.10, 1.11 and ExactaMix EM1200 Versions 1.1, 1.2 systems store...
Moderate
Unreviewed
CVE-2020-12032
was published
May 24, 2022
nsufficiently Protected Credentials in ActiveMQ Artemis
Moderate
CVE-2020-10727
was published
for
org.apache.activemq:artemis-commons
(Maven)
May 24, 2022
An issue was discovered in the stashcat app through 3.9.2 for macOS, Windows, Android, iOS, and...
Moderate
Unreviewed
CVE-2020-13637
was published
May 24, 2022
A cleartext storage in a file or on disk (CWE-313) vulnerability in FortiOS SSL VPN 6.2.2 and...
Moderate
Unreviewed
CVE-2019-17655
was published
May 24, 2022
If LibreOffice has an encrypted document open and crashes, that document is auto-saved encrypted....
Moderate
Unreviewed
CVE-2020-12801
was published
May 24, 2022
A flaw was found in OpenShift Container Platform where OAuth tokens are not encrypted when the...
Moderate
Unreviewed
CVE-2020-10706
was published
May 24, 2022
Grafana information disclosure
Moderate
CVE-2020-12458
was published
for
github.com/grafana/grafana
(Go)
May 24, 2022
In Rukovoditel 2.5.2, users' passwords and usernames are stored in a cookie with URL encoding,...
Moderate
Unreviewed
CVE-2020-11821
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API