GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
438 advisories
Filter by severity
A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition...
High
Unreviewed
CVE-2024-9466
was published
Oct 9, 2024
The Danfoss AK-EM100 stores login credentials in cleartext.
High
Unreviewed
CVE-2023-22584
was published
Jun 11, 2023
CWE-312: Cleartext Storage of Sensitive Information vulnerability exists that exposes test...
High
Unreviewed
CVE-2024-8070
was published
Oct 13, 2024
The health endpoint is public so everybody can see a list of all services. It is potentially...
Critical
Unreviewed
CVE-2024-9798
was published
Oct 10, 2024
The conformance validation endpoint is public so everybody can verify the conformance of...
Moderate
Unreviewed
CVE-2024-9802
was published
Oct 10, 2024
In the Linux kernel, the following vulnerability has been resolved:
KEYS: trusted: dcp: fix leak...
Moderate
Unreviewed
CVE-2024-45004
was published
Sep 4, 2024
A vulnerability in the Cisco Nexus Dashboard Fabric Controller (NDFC) software, formerly Cisco...
Moderate
Unreviewed
CVE-2024-20448
was published
Oct 2, 2024
Cleartext Storage of Sensitive Information in a Cookie vulnerability in Oceanic Software ValeApp...
Critical
Unreviewed
CVE-2024-8644
was published
Sep 27, 2024
An unauthorized user is able to gain access to sensitive data, including credentials, by...
High
Unreviewed
CVE-2024-38280
was published
Jun 13, 2024
In Infinera TNMS (Transcend Network Management System) 19.10.3, cleartext storage of sensitive...
High
Unreviewed
CVE-2024-25661
was published
Oct 1, 2024
An issue was discovered in Infinera hiT 7300 5.60.50. Cleartext storage of sensitive information...
Moderate
Unreviewed
CVE-2024-28807
was published
Sep 30, 2024
An issue was discovered in Infinera hiT 7300 5.60.50. Sensitive information inside diagnostic...
Moderate
Unreviewed
CVE-2024-28810
was published
Sep 30, 2024
An issue was discovered in Infinera hiT 7300 5.60.50. Cleartext storage of sensitive password in...
High
Unreviewed
CVE-2024-28809
was published
Sep 30, 2024
Kastle Systems firmware prior to May 1, 2024, stored machine credentials in cleartext, which may...
High
Unreviewed
CVE-2024-45862
was published
Sep 19, 2024
The W3 Total Cache plugin for WordPress is vulnerable to Sensitive Information Exposure in...
Low
Unreviewed
CVE-2023-5359
was published
Sep 25, 2024
Certain switch models from PLANET Technology store SNMPv3 users' passwords in plaintext within...
High
Unreviewed
CVE-2024-8459
was published
Sep 30, 2024
In SAP BusinessObjects Business Intelligence - version 420, If a user logs in to a particular...
Moderate
Unreviewed
CVE-2023-39440
was published
Aug 8, 2023
The configuration file stores credentials in cleartext. An attacker with local access rights can...
Moderate
Unreviewed
CVE-2024-6785
was published
Sep 21, 2024
A vulnerability, which was classified as problematic, was found in code-projects Blood Bank...
Moderate
Unreviewed
CVE-2024-9040
was published
Sep 20, 2024
A flaw was found in oVirt. A user with administrator privileges, including users with the...
Moderate
Unreviewed
CVE-2024-7259
was published
Sep 26, 2024
Missing Encryption of Security Keys vulnerability in Silicon Labs OpenThread SDK on 32 bit, ARM ...
Critical
Unreviewed
CVE-2023-41095
was published
Oct 26, 2023
Missing Encryption of Security Keys vulnerability in Silicon Labs Ember ZNet SDK on 32 bit, ARM ...
Moderate
Unreviewed
CVE-2023-41096
was published
Oct 26, 2023
Prior to v7.4.0, Ember ZNet is vulnerable to a denial of service attack through manipulation of...
High
Unreviewed
CVE-2023-6874
was published
Feb 5, 2024
"IBM Robotic Process Automation 21.0.1 and 21.0.2 could disclose sensitive version information...
Moderate
Unreviewed
CVE-2022-38710
was published
Nov 4, 2022
A cleartext storage of sensitive information in memory vulnerability [CWE-316] affecting...
Moderate
Unreviewed
CVE-2024-35282
was published
Sep 10, 2024
ProTip!
Advisories are also available from the
GraphQL API