Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

171 advisories

Loading
Sensitive data written to disk unencrypted in Spark High
CVE-2019-10099 was published for org.apache.spark:spark-core_2.11 (Maven) Aug 8, 2019
django-nopassword stores secrets in cleartext High
CVE-2019-10682 was published for django-nopassword (pip) Jun 5, 2020
Cleartext storage of session identifier High
CVE-2020-26228 was published for typo3/cms (Composer) Nov 23, 2020
liayn bmack
ohader
django-celery-results Stores Sensitive Information In Cleartext High
CVE-2020-17495 was published for django-celery-results (pip) Jun 4, 2021
G-Rath
Unisys Cargo Mobile Application before 1.2.29 uses cleartext to store sensitive information,... High Unreviewed
CVE-2021-43388 was published Dec 15, 2021
Plaintext storage of a password vulnerability in IDEC PLCs (FC6A Series MICROSmart All-in-One CPU... High Unreviewed
CVE-2021-20827 was published Dec 25, 2021
Charactell - FormStorm Enterprise Account takeover – An attacker can modify (add, remove and... High Unreviewed
CVE-2022-22789 was published Jan 26, 2022
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct... High Unreviewed
CVE-2021-42642 was published Feb 9, 2022
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS... High Unreviewed
CVE-2021-40363 was published Feb 10, 2022
A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores... High Unreviewed
CVE-2021-3551 was published Feb 17, 2022
" Insecure password storage issue.The application stores sensitive information in cleartext... High Unreviewed
CVE-2021-27757 was published Mar 5, 2022
There is a file disclosure vulnerability in SMF (Simple Machines Forum) affecting versions... High Unreviewed
CVE-2009-5068 was published Apr 21, 2022
VeryFitPro (com.veryfit2hr.second) 3.2.8 hashes the account's password locally on the device and... High Unreviewed
CVE-2021-36460 was published Apr 26, 2022
Xitami 2.4 through 2.5 b4 stores the Administrator password in plaintext in the default.aut file,... High Unreviewed
CVE-2001-1481 was published Apr 30, 2022
D-Link DSL-504T stores usernames and passwords in cleartext in the router configuration file,... High Unreviewed
CVE-2005-1828 was published May 1, 2022
During an update of SAP BusinessObjects Enterprise, Central Management Server (CMS) - versions... High Unreviewed
CVE-2022-28214 was published May 12, 2022
Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to discover cleartext... High Unreviewed
CVE-2016-0876 was published May 13, 2022
Amazon AWS SDK <=2.8.5 for Android uses Android SharedPreferences to store plain text AWS STS... High Unreviewed
CVE-2018-19981 was published May 13, 2022
Pilz PNOZmulti Configurator prior to version 10.9 allows an authenticated attacker with local... High Unreviewed
CVE-2018-19009 was published May 13, 2022
Avast Free Antivirus prior to 19.1.2360 stores user credentials in memory upon login, which... High Unreviewed
CVE-2018-12572 was published May 13, 2022
The Milwaukee ONE-KEY Android mobile application stores the master token in plaintext in the apk... High Unreviewed
CVE-2017-3214 was published May 13, 2022
IBM Robotic Process Automation with Automation Anywhere 11 could store highly sensitive... High Unreviewed
CVE-2018-1877 was published May 13, 2022
389-ds-base before versions 1.3.8.5, 1.4.0.12 is vulnerable to a Cleartext Storage of Sensitive... High Unreviewed
CVE-2018-10871 was published May 13, 2022
A vulnerability in the Policy and Charging Rules Function (PCRF) of the Cisco Policy Suite (CPS)... High Unreviewed
CVE-2018-0089 was published May 13, 2022
An Cleartext Storage of Sensitive Information issue was discovered in General Motors (GM) and... High Unreviewed
CVE-2017-9663 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database