GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,350
Composer 4,134
Erlang 29
GitHub Actions 19
Go 1,941
Maven 5,135
npm 3,681
NuGet 650
pip 3,298
Pub 11
RubyGems 877
Rust 830
Swift 35

Unreviewed advisories

All unreviewed 231,419

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

438 advisories

Filter by severity

Sort by

Least recently updated

A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition... High Unreviewed

CVE-2024-9466 was published Oct 9, 2024

The Danfoss AK-EM100 stores login credentials in cleartext. High Unreviewed

CVE-2023-22584 was published Jun 11, 2023

CWE-312: Cleartext Storage of Sensitive Information vulnerability exists that exposes test... High Unreviewed

CVE-2024-8070 was published Oct 13, 2024

The health endpoint is public so everybody can see a list of all services. It is potentially... Critical Unreviewed

CVE-2024-9798 was published Oct 10, 2024

The conformance validation endpoint is public so everybody can verify the conformance of... Moderate Unreviewed

CVE-2024-9802 was published Oct 10, 2024

In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: dcp: fix leak... Moderate Unreviewed

CVE-2024-45004 was published Sep 4, 2024

A vulnerability in the Cisco Nexus Dashboard Fabric Controller (NDFC) software, formerly Cisco... Moderate Unreviewed

CVE-2024-20448 was published Oct 2, 2024

Cleartext Storage of Sensitive Information in a Cookie vulnerability in Oceanic Software ValeApp... Critical Unreviewed

CVE-2024-8644 was published Sep 27, 2024

An unauthorized user is able to gain access to sensitive data, including credentials, by... High Unreviewed

CVE-2024-38280 was published Jun 13, 2024

In Infinera TNMS (Transcend Network Management System) 19.10.3, cleartext storage of sensitive... High Unreviewed

CVE-2024-25661 was published Oct 1, 2024

An issue was discovered in Infinera hiT 7300 5.60.50. Cleartext storage of sensitive information... Moderate Unreviewed

CVE-2024-28807 was published Sep 30, 2024

An issue was discovered in Infinera hiT 7300 5.60.50. Sensitive information inside diagnostic... Moderate Unreviewed

CVE-2024-28810 was published Sep 30, 2024

An issue was discovered in Infinera hiT 7300 5.60.50. Cleartext storage of sensitive password in... High Unreviewed

CVE-2024-28809 was published Sep 30, 2024

Kastle Systems firmware prior to May 1, 2024, stored machine credentials in cleartext, which may... High Unreviewed

CVE-2024-45862 was published Sep 19, 2024

The W3 Total Cache plugin for WordPress is vulnerable to Sensitive Information Exposure in... Low Unreviewed

CVE-2023-5359 was published Sep 25, 2024

Certain switch models from PLANET Technology store SNMPv3 users' passwords in plaintext within... High Unreviewed

CVE-2024-8459 was published Sep 30, 2024

In SAP BusinessObjects Business Intelligence - version 420, If a user logs in to a particular... Moderate Unreviewed

CVE-2023-39440 was published Aug 8, 2023

The configuration file stores credentials in cleartext. An attacker with local access rights can... Moderate Unreviewed

CVE-2024-6785 was published Sep 21, 2024

A vulnerability, which was classified as problematic, was found in code-projects Blood Bank... Moderate Unreviewed

CVE-2024-9040 was published Sep 20, 2024

A flaw was found in oVirt. A user with administrator privileges, including users with the... Moderate Unreviewed

CVE-2024-7259 was published Sep 26, 2024

Missing Encryption of Security Keys vulnerability in Silicon Labs OpenThread SDK on 32 bit, ARM ... Critical Unreviewed

CVE-2023-41095 was published Oct 26, 2023

Missing Encryption of Security Keys vulnerability in Silicon Labs Ember ZNet SDK on 32 bit, ARM ... Moderate Unreviewed

CVE-2023-41096 was published Oct 26, 2023

Prior to v7.4.0, Ember ZNet is vulnerable to a denial of service attack through manipulation of... High Unreviewed

CVE-2023-6874 was published Feb 5, 2024

"IBM Robotic Process Automation 21.0.1 and 21.0.2 could disclose sensitive version information... Moderate Unreviewed

CVE-2022-38710 was published Nov 4, 2022

A cleartext storage of sensitive information in memory vulnerability [CWE-316] affecting... Moderate Unreviewed

CVE-2024-35282 was published Sep 10, 2024

Previous 1 2 3 4 5 … 17 18 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

438 advisories