GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
1,009 advisories
Filter by severity
IBM Cognos Business Intelligence 10.2, 10.2.1, 10.2.1.1, and 10.2.2, under specialized...
High
Unreviewed
CVE-2017-1764
was published
May 13, 2022
Credentials for Zivif PR115-204-P-RS V2.3.4.2103 Webcams can be obtained by an unauthenticated...
Critical
Unreviewed
CVE-2017-17106
was published
May 13, 2022
Sera 1.2 stores the user's login password in plain text in their home directory. This makes...
High
Unreviewed
CVE-2017-15918
was published
May 13, 2022
Password are stored in plaintext in nvram in the HTTPd server in all current versions (<= 3.0.0.4...
High
Unreviewed
CVE-2017-15656
was published
May 13, 2022
The Kickbase GmbH "Kickbase Bundesliga Manager" app before 2.2.1 -- aka kickbase-bundesliga...
High
Unreviewed
CVE-2017-14711
was published
May 13, 2022
The D-Link NPAPI extension, as used in conjunction with D-Link DIR-850L REV. B (with firmware...
High
Unreviewed
CVE-2017-14418
was published
May 13, 2022
The workstation logging function in Philips IntelliSpace Cardiovascular (ISCV) 2.3.0 and earlier...
High
Unreviewed
CVE-2017-14111
was published
May 13, 2022
IBM Spectrum Protect 7.1 and 8.1 (formerly Tivoli Storage Manager) disclosed unencrypted login...
High
Unreviewed
CVE-2017-1378
was published
May 13, 2022
IBM WebSphere MQ 9.0.1 and 9.0.2 Java/JMS application can incorrectly transmit user credentials...
High
Unreviewed
CVE-2017-1337
was published
May 13, 2022
IBM Security Identity Manager Adapters 6.0 and 7.0 stores user credentials in plain in clear text...
High
Unreviewed
CVE-2017-1362
was published
May 13, 2022
IBM BigFix Compliance Analytics 1.9.79 (TEMA SUAv1 SCA SCM) stores user credentials in clear text...
High
Unreviewed
CVE-2017-1201
was published
May 13, 2022
IBM WebSphere Message Broker stores user credentials in plain in clear text which can be read by...
Moderate
Unreviewed
CVE-2017-1207
was published
May 13, 2022
dataTaker DT8x dEX 1.72.007 allows remote attackers to compose programs or schedules, for...
Critical
Unreviewed
CVE-2017-11349
was published
May 13, 2022
Jenkins Build-Publisher plugin has Insufficiently Protected Credentials
High
CVE-2017-1000387
was published
for
org.jenkins-ci.plugins:build-publisher
(Maven)
May 13, 2022
Jenkins SSH Plugin user passwords for encrypted SSH keys stored in plaintext
Critical
CVE-2017-1000245
was published
for
org.jenkins-ci.plugins:ssh
(Maven)
May 13, 2022
An information leak exists in Wanscam's HW0021 network camera that allows an unauthenticated...
Critical
Unreviewed
CVE-2017-11510
was published
May 13, 2022
An Insufficiently Protected Credentials issue was discovered in LOYTEC LVIS-3ME versions prior to...
High
Unreviewed
CVE-2017-13998
was published
May 13, 2022
In Ice Qube Thermal Management Center versions prior to version 4.13, passwords are stored in...
Critical
Unreviewed
CVE-2017-16714
was published
May 13, 2022
An Unprotected Transport of Credentials issue was discovered in ABB Ellipse 8.3 through Ellipse 8...
High
Unreviewed
CVE-2017-16731
was published
May 13, 2022
IBM BigFix Platform 9.5 - 9.5.9 stores user credentials in plain in clear text which can be read...
High
Unreviewed
CVE-2017-1231
was published
May 13, 2022
IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 does not require that...
High
Unreviewed
CVE-2017-1411
was published
May 13, 2022
The skyring-setup command creates random password for mongodb skyring database but it writes...
High
Unreviewed
CVE-2017-2665
was published
May 13, 2022
D-Link DIR-130 firmware version 1.23 and DIR-330 firmware version 1.12 do not sufficiently...
Critical
Unreviewed
CVE-2017-3192
was published
May 13, 2022
tpm2-tools versions before 1.1.1 are vulnerable to a password leak due to transmitting password...
High
Unreviewed
CVE-2017-7524
was published
May 13, 2022
A Password in Configuration File issue was discovered in Dahua DH-IPC-HDBW23A0RN-ZS, DH-IPC...
Critical
Unreviewed
CVE-2017-7925
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API