GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
282 advisories
Filter by severity
An issue was discovered on D-Link DIR-601 B1 2.02NA devices. Being on the same local network as,...
High
Unreviewed
CVE-2018-5708
was published
May 13, 2022
The F5 BIG-IP Controller for Kubernetes 1.0.0-1.5.0 (k8s-bigip-crtl) passes BIG-IP username and...
High
Unreviewed
CVE-2018-5543
was published
May 13, 2022
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11...
High
Unreviewed
CVE-2018-4190
was published
May 13, 2022
An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue...
High
Unreviewed
CVE-2018-4170
was published
May 13, 2022
ChipsBank UMPTool saves the password to the NAND with a simple substitution cipher, which allows...
High
Unreviewed
CVE-2018-19795
was published
May 13, 2022
Squash TM through 1.18.0 presents the cleartext passwords of external services in the...
High
Unreviewed
CVE-2018-16987
was published
May 13, 2022
IBM Security Guardium Big Data Intelligence (SonarG) 3.1 stores user credentials in plain in...
High
Unreviewed
CVE-2018-1377
was published
May 13, 2022
Storing password in recoverable format in safensec.com (SysWatch service) in SAFE'N'SEC...
High
Unreviewed
CVE-2018-13014
was published
May 13, 2022
Previous releases of the Puppet device_manager module creates configuration files containing...
High
Unreviewed
CVE-2018-11748
was published
May 13, 2022
Plaintext Storage of Passwords within Cookies in /var/www/xms/application/controllers/verifyLogin...
High
Unreviewed
CVE-2018-11639
was published
May 13, 2022
Plaintext Storage of Passwords in the administrative console in Dialogic PowerMedia XMS before 3...
High
Unreviewed
CVE-2018-11634
was published
May 13, 2022
Synametrics SynaMan 4.0 build 1488 uses cleartext password storage for SMTP credentials.
High
Unreviewed
CVE-2018-10814
was published
May 13, 2022
An authentication weakness vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow...
High
Unreviewed
CVE-2018-10355
was published
May 13, 2022
PrinterOn Enterprise 4.1.3 stores the Active Directory bind credentials using base64 encoding,...
High
Unreviewed
CVE-2018-10327
was published
May 13, 2022
The Ericsson-LG iPECS NMS A.1Ac web application discloses sensitive information such as the NMS...
High
Unreviewed
CVE-2018-10286
was published
May 13, 2022
Windows 10 version 1607 and Windows Server 2016 allow an elevation of privilege vulnerability due...
High
Unreviewed
CVE-2018-0828
was published
May 13, 2022
kedpm 0.5 and 1.0 creates a history file in ~/.kedpm/history that is written in cleartext. All of...
High
Unreviewed
CVE-2017-8296
was published
May 13, 2022
Wireless IP Camera (P2P) WIFICAM devices have an "Apple Production IOS Push Services" private RSA...
High
Unreviewed
CVE-2017-8222
was published
May 13, 2022
An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is affected by plaintext password...
High
Unreviewed
CVE-2017-6528
was published
May 13, 2022
Insufficient protection of password storage in system firmware for Intel NUC7i3BNK, NUC7i3BNH,...
High
Unreviewed
CVE-2017-5700
was published
May 13, 2022
IBM Cognos Analytics 11.0 could store cached credentials locally that could be obtained by a...
High
Unreviewed
CVE-2017-1779
was published
May 13, 2022
Homeputer CL Studio fur HomeMatic 4.0 Rel 160808 and earlier uses cleartext to exchange the...
High
Unreviewed
CVE-2017-17691
was published
May 13, 2022
IBM Cognos Business Intelligence 10.2, 10.2.1, 10.2.1.1, and 10.2.2, under specialized...
High
Unreviewed
CVE-2017-1764
was published
May 13, 2022
Sera 1.2 stores the user's login password in plain text in their home directory. This makes...
High
Unreviewed
CVE-2017-15918
was published
May 13, 2022
Password are stored in plaintext in nvram in the HTTPd server in all current versions (<= 3.0.0.4...
High
Unreviewed
CVE-2017-15656
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API