Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

168 advisories

Loading
A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition... High Unreviewed
CVE-2024-9466 was published Oct 9, 2024
The Danfoss AK-EM100 stores login credentials in cleartext. High Unreviewed
CVE-2023-22584 was published Jun 11, 2023
CWE-312: Cleartext Storage of Sensitive Information vulnerability exists that exposes test... High Unreviewed
CVE-2024-8070 was published Oct 13, 2024
Nautobot vulnerable to exposure of hashed user passwords via REST API High
CVE-2023-46128 was published for nautobot (pip) Oct 24, 2023
An unauthorized user is able to gain access to sensitive data, including credentials, by... High Unreviewed
CVE-2024-38280 was published Jun 13, 2024
In Infinera TNMS (Transcend Network Management System) 19.10.3, cleartext storage of sensitive... High Unreviewed
CVE-2024-25661 was published Oct 1, 2024
An issue was discovered in Infinera hiT 7300 5.60.50. Cleartext storage of sensitive password in... High Unreviewed
CVE-2024-28809 was published Sep 30, 2024
Kastle Systems firmware prior to May 1, 2024, stored machine credentials in cleartext, which may... High Unreviewed
CVE-2024-45862 was published Sep 19, 2024
Certain switch models from PLANET Technology store SNMPv3 users' passwords in plaintext within... High Unreviewed
CVE-2024-8459 was published Sep 30, 2024
Prior to v7.4.0, Ember ZNet is vulnerable to a denial of service attack through manipulation of... High Unreviewed
CVE-2023-6874 was published Feb 5, 2024
IBM Storage Defender - Resiliency Service 2.0 could allow a privileged user to perform... High Unreviewed
CVE-2023-50957 was published Feb 10, 2024
LOYTEC electronics GmbH LINX-212 firmware 6.2.4 and LINX-151 firmware 7.2.4 are vulnerable to... High Unreviewed
CVE-2023-46386 was published Dec 1, 2023
LOYTEC electronics GmbH LINX-212 6.2.4 and LINX-151 7.2.4 are vulnerable to Insecure Permissions... High Unreviewed
CVE-2023-46388 was published Dec 1, 2023
LOYTEC electronics GmbH LINX Configurator 7.4.10 is vulnerable to Insecure Permissions. Cleartext... High Unreviewed
CVE-2023-46384 was published Dec 1, 2023
Cleartext Storage of Sensitive Information vulnerability in NAC Telecommunication Systems Inc.... High Unreviewed
CVE-2024-6921 was published Sep 2, 2024
django-nopassword stores secrets in cleartext High
CVE-2019-10682 was published for django-nopassword (pip) Jun 5, 2020
Cleartext storage of sensitive information vulnerability exists in WindLDR and WindO/I-NV4. If... High Unreviewed
CVE-2024-41716 was published Sep 4, 2024
django-celery-results Stores Sensitive Information In Cleartext High
CVE-2020-17495 was published for django-celery-results (pip) Jun 4, 2021
G-Rath
Tina search token leak via lock file in TinaCMS High
CVE-2024-45391 was published for @tinacms/cli (npm) Sep 3, 2024
kldavis4 mattsbennett
An issue was found on the Ruijie EG-2000 series gateway. An attacker can easily dump cleartext... High Unreviewed
CVE-2019-16638 was published Jul 16, 2024
SQL injection vulnerability in Jfinalcms v.5.0.0 allows a remote attacker to obtain sensitive... High Unreviewed
CVE-2024-24375 was published Mar 7, 2024
A vulnerability identified in storing and reusing information in Advance Authentication. This... High Unreviewed
CVE-2021-22509 was published Aug 28, 2024
An issue was discovered in Newland Nquire 1000 Interactive Kiosk version NQ1000-II_G_V1.00.011,... High Unreviewed
CVE-2023-49341 was published Mar 9, 2024
Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 was discovered to store credentials in plaintext. High Unreviewed
CVE-2024-36790 was published Jun 7, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to storing of FTP credentials... High Unreviewed
CVE-2024-41691 was published Jul 26, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database