GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
494 advisories
Filter by severity
In Versa Director, the unencrypted backup files stored on the Versa deployment contain...
Moderate
Unreviewed
CVE-2018-16498
was published
May 24, 2022
IBM Security Identity Manager 7.0.2 stores user credentials in plain clear text which can be read...
Moderate
Unreviewed
CVE-2021-29683
was published
May 24, 2022
In multiple managed switches by WAGO in different versions the webserver cookies of the web based...
High
Unreviewed
CVE-2021-20995
was published
May 24, 2022
An issue was discovered in Couchbase Server before 6.0.5, 6.1.x through 6.5.x before 6.5.2, and 6...
Moderate
Unreviewed
CVE-2021-25645
was published
May 24, 2022
The ownCloud application before 2.15 for Android allows attackers to use adb to include a PIN...
Moderate
Unreviewed
CVE-2020-36248
was published
May 24, 2022
TP-Link's TL-WPA4220 4.0.2 Build 20180308 Rel.37064 does not use SSL by default. Attacker on the...
Moderate
Unreviewed
CVE-2021-28858
was published
May 24, 2022
TP-Link Archer C5v 1.7_181221 devices allows remote attackers to retrieve cleartext credentials...
Moderate
Unreviewed
CVE-2021-27210
was published
May 24, 2022
Telegram before 7.4 (212543) Stable on macOS stores the local passcode in cleartext, leading to...
Moderate
Unreviewed
CVE-2021-27204
was published
May 24, 2022
Brocade SANNav before version 2.1.1 contains an information disclosure vulnerability. Successful...
Moderate
Unreviewed
CVE-2020-15384
was published
May 24, 2022
An issue was discovered on FiberHome HG6245D devices through RP2613. Some passwords are stored in...
High
Unreviewed
CVE-2021-27178
was published
May 24, 2022
An issue was discovered on FiberHome HG6245D devices through RP2613. wifictl_5g.cfg has cleartext...
High
Unreviewed
CVE-2021-27176
was published
May 24, 2022
Some PON MDU devices of ZTE stored sensitive information in plaintext, and users with login...
Moderate
Unreviewed
CVE-2021-21734
was published
May 24, 2022
The PassWork extension 5.0.9 for Chrome and other browsers allows an attacker to obtain cleartext...
High
Unreviewed
CVE-2022-42955
was published
Nov 7, 2022
Sensitive smart card data is logged in default INFO logs by Teradici's PCoIP Connection Manager...
Moderate
Unreviewed
CVE-2021-25692
was published
May 24, 2022
IBM Security Guardium 11.2 discloses sensitive information in the response headers that could be...
Moderate
Unreviewed
CVE-2020-4189
was published
May 24, 2022
IBM UrbanCode Deploy (UCD) 7.0.3.0, 7.0.4.0, 7.0.5.3, 7.0.5.4, 7.1.0.0, 7.1.1.0, 7.1.1.1, and 7.1...
Moderate
Unreviewed
CVE-2020-4944
was published
May 24, 2022
IBM UrbanCode Deploy (UCD) 6.2.7.9, 7.0.5.4, and 7.1.1.1 stores user credentials in plain in...
Moderate
Unreviewed
CVE-2020-4884
was published
May 24, 2022
IBM Security Guardium Insights 2.0.2 stores user credentials in plain in clear text which can be...
Moderate
Unreviewed
CVE-2020-4604
was published
May 24, 2022
In Hardware Sentry KM before 10.0.01 for BMC PATROL, a cleartext password may be discovered after...
High
Unreviewed
CVE-2021-31791
was published
May 24, 2022
In Marvell QConvergeConsole GUI <= 5.5.0.74, credentials are stored in cleartext in tomcat-users...
High
Unreviewed
CVE-2020-5805
was published
May 24, 2022
Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage...
Moderate
Unreviewed
CVE-2020-29501
was published
May 24, 2022
The PassWork extension 5.0.9 for Chrome and other browsers allows an attacker to obtain the...
High
Unreviewed
CVE-2022-42956
was published
Nov 7, 2022
Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage...
Moderate
Unreviewed
CVE-2020-29500
was published
May 24, 2022
A vulnerability has been reported to affect QNAP NAS. If exploited, this vulnerability allows an...
High
Unreviewed
CVE-2018-19941
was published
May 24, 2022
A security vulnerability in HPE Unified Data Management (UDM) could allow the local disclosure of...
Moderate
Unreviewed
CVE-2021-26579
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API