Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,026 advisories

Loading
Kieback & Peter's DDC4000 series has an insufficiently protected credentials vulnerability, which... High Unreviewed
CVE-2024-43812 was published Oct 23, 2024
A vulnerability in the web-based management interface of Cisco ATA 190 Series Multiplatform... Moderate Unreviewed
CVE-2024-20462 was published Oct 16, 2024
SiCKRAGE Discloses Plaintext Credentials Critical
CVE-2018-9160 was published for sickrage (pip) May 13, 2022
The insufficiently protected credentials vulnerability in the CLI command of the USG FLEX H... Moderate Unreviewed
CVE-2024-9677 was published Oct 22, 2024
Insufficiently Protected Credentials in Requests High
CVE-2018-18074 was published for requests (pip) Oct 29, 2018
Insufficiently Protected Credentials vulnerability in LiteSpeed Technologies LiteSpeed Cache... Critical Unreviewed
CVE-2024-44000 was published Oct 20, 2024
The EWON FLEXY 202 transmits credentials using a weak encoding method base64. An attacker who is... High Unreviewed
CVE-2024-7755 was published Oct 17, 2024
The affected product is vulnerable due to insufficiently protected credentials, which may allow... High Unreviewed
CVE-2024-49396 was published Oct 17, 2024
OpenC3 stores passwords in clear text (`GHSL-2024-129`) Moderate
CVE-2024-47529 was published for @openc3/tool-common (RubyGems) Oct 2, 2024
p-
IBM DataStage on Cloud Pak for Data 4.0.6 to 4.5.2 stores sensitive credential information that... Moderate Unreviewed
CVE-2022-38714 was published Feb 12, 2024
In JetBrains TeamCity before 2024.07.3 password could be exposed via Sonar runner REST API Moderate Unreviewed
CVE-2024-47161 was published Oct 8, 2024
python-oslo-utils has improper password parsing Moderate
CVE-2022-0718 was published for oslo-utils (pip) Aug 29, 2022
Advantech ADAM-5630 shares user credentials plain text between the device and the user source... Moderate Unreviewed
CVE-2024-34542 was published Sep 27, 2024
Advantech ADAM-5550 share user credentials with a low level of encryption, consisting of base 64... Moderate Unreviewed
CVE-2024-37187 was published Sep 27, 2024
A vulnerability in the storage method of the PON Controller configuration file could allow an... High Unreviewed
CVE-2024-20489 was published Sep 11, 2024
OAuth2 client ID and secret exposed through the web browser High
CVE-2024-9014 was published for pgadmin4 (pip) Sep 23, 2024
m3t3kh4n
System->Maintenance-> Log Files in dotCMS dashboard is providing the username/password for... Moderate Unreviewed
CVE-2024-3165 was published Apr 2, 2024
OpenStack Identity Keystone and keystonemiddleware Insufficiently Protected Credentials High
CVE-2015-7546 was published for keystone (pip) May 13, 2022
OpenStack Keystone Credential Leakage High
CVE-2019-19687 was published for keystone (pip) May 24, 2022
IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5 transmits authentication credentials, but it... High Unreviewed
CVE-2023-22862 was published Jun 5, 2023
An issue in Hathway Skyworth Router CM5100 v.4.1.1.24 allows a physically proximate attacker to... High Unreviewed
CVE-2024-44815 was published Sep 10, 2024
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys... Moderate Unreviewed
CVE-2023-4328 was published Aug 15, 2023
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys... Moderate Unreviewed
CVE-2023-4327 was published Aug 15, 2023
IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and... Moderate Unreviewed
CVE-2024-40703 was published Sep 22, 2024
OMFLOW from The SYSCOM Group has an information leakage vulnerability, allowing unauthorized... High Unreviewed
CVE-2024-8777 was published Sep 16, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database