GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,096
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,654
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
166 advisories
Filter by severity
A cleartext storage of sensitive information in Nextcloud Desktop Client 2.6.4 gave away...
High
Unreviewed
CVE-2020-8225
was published
May 24, 2022
MiR controllers across firmware versions 2.8.1.1 and before do not encrypt or protect in any way...
High
Unreviewed
CVE-2020-10273
was published
May 24, 2022
D-Link DIR-865L Ax 1.20B01 Beta devices have Cleartext Storage of Sensitive Information.
High
Unreviewed
CVE-2020-13783
was published
May 24, 2022
Universal Robots control box CB 3.1 across firmware versions (tested on 1.12.1, 1.12, 1.11 and 1...
High
Unreviewed
CVE-2020-10267
was published
May 24, 2022
An attacker with low privilege could retrieve usernames and passwords credentials from the new...
High
Unreviewed
CVE-2019-14890
was published
May 24, 2022
Jenkins Delphix Plugin vulnerable to Cleartext credential storage
High
CVE-2019-10453
was published
for
org.jenkins-ci.plugins:delphix
(Maven)
May 24, 2022
Cleartext Storage of Sensitive Information in Jenkins Extensive Testing Plugin
High
CVE-2019-10448
was published
for
jenkins.xtc:extensivetesting
(Maven)
May 24, 2022
Jenkins NeoLoad Plugin stores credentials in cleartext
High
CVE-2019-10440
was published
for
org.jenkins-ci.plugins:neoload-jenkins-plugin
(Maven)
May 24, 2022
Jenkins iceScrum Plugin stores credentials in Cleartext
High
CVE-2019-10443
was published
for
org.jenkins-ci.plugins:icescrum
(Maven)
May 24, 2022
Dell ImageAssist versions prior to 8.7.15 contain an information disclosure vulnerability. Dell...
High
Unreviewed
CVE-2019-3767
was published
May 24, 2022
A security vulnerability exists in Zingbox Inspector versions 1.294 and earlier, that results in...
High
Unreviewed
CVE-2019-15023
was published
May 24, 2022
Plaintext Storage of Sensitive Information in Laravel Log Viewer before v0.13.0
High
CVE-2018-8947
was published
for
rap2hpoutre/laravel-log-viewer
(Composer)
May 13, 2022
In Lenovo xClarity Administrator versions earlier than 2.1.0, an attacker that gains access to...
High
Unreviewed
CVE-2018-9065
was published
May 13, 2022
The "Photo,Video Locker-Calculator" application 12.0 for Android has android:allowBackup="true"...
High
Unreviewed
CVE-2017-16835
was published
May 13, 2022
Encryption key exposure in firmware in iSmartAlarm CubeOne version 2.2.4.8 and earlier allows...
High
Unreviewed
CVE-2017-13663
was published
May 13, 2022
IBM InfoSphere Master Data Management Server 11.0 - 11.6 stores user credentials in plain in...
High
Unreviewed
CVE-2017-1309
was published
May 13, 2022
An Cleartext Storage of Sensitive Information issue was discovered in General Motors (GM) and...
High
Unreviewed
CVE-2017-9663
was published
May 13, 2022
A vulnerability in the Policy and Charging Rules Function (PCRF) of the Cisco Policy Suite (CPS)...
High
Unreviewed
CVE-2018-0089
was published
May 13, 2022
389-ds-base before versions 1.3.8.5, 1.4.0.12 is vulnerable to a Cleartext Storage of Sensitive...
High
Unreviewed
CVE-2018-10871
was published
May 13, 2022
IBM Robotic Process Automation with Automation Anywhere 11 could store highly sensitive...
High
Unreviewed
CVE-2018-1877
was published
May 13, 2022
The Milwaukee ONE-KEY Android mobile application stores the master token in plaintext in the apk...
High
Unreviewed
CVE-2017-3214
was published
May 13, 2022
Avast Free Antivirus prior to 19.1.2360 stores user credentials in memory upon login, which...
High
Unreviewed
CVE-2018-12572
was published
May 13, 2022
Pilz PNOZmulti Configurator prior to version 10.9 allows an authenticated attacker with local...
High
Unreviewed
CVE-2018-19009
was published
May 13, 2022
Amazon AWS SDK <=2.8.5 for Android uses Android SharedPreferences to store plain text AWS STS...
High
Unreviewed
CVE-2018-19981
was published
May 13, 2022
Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to discover cleartext...
High
Unreviewed
CVE-2016-0876
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API