Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,383
Erlang
33
GitHub Actions
22
Go
2,141
Maven
5,000+
npm
3,803
NuGet
687
pip
3,479
Pub
12
RubyGems
897
Rust
898
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

475 advisories

Loading
CalInvocationHandler in Brocade SANnav before 2.3.1b logs sensitive information in clear text.... Moderate Unreviewed
CVE-2024-10404 was published Feb 14, 2025
mySCADA myPRO Manager stores credentials in cleartext, which could allow an attacker to obtain... Critical Unreviewed
CVE-2025-22896 was published Feb 14, 2025
Possible information exposure through log file vulnerability where sensitive fields are... Moderate Unreviewed
CVE-2023-31423 was published Aug 31, 2023
The firmwaredownload command on Brocade Fabric OS v9.2.0 could log the FTP/SFTP/SCP server... High Unreviewed
CVE-2023-3489 was published Aug 31, 2023
The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure vi... Moderate Unreviewed
CVE-2023-0614 was published Apr 4, 2023
IBM ApplinX 11.1 stores sensitive information in cleartext in memory that could be obtained by an... Moderate Unreviewed
CVE-2024-49800 was published Feb 6, 2025
Cleartext Storage of Sensitive Information vulnerability in Salesforce Tableau Server can record... Unknown Unreviewed
CVE-2025-26495 was published Feb 11, 2025
Cleartext storage of information in Ivanti Connect Secure before version 22.7R2.6 and Ivanti... Moderate Unreviewed
CVE-2024-13843 was published Feb 11, 2025
A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions), SIPROTEC 5 6MD85 ... Moderate Unreviewed
CVE-2024-53651 was published Feb 11, 2025
Sensitive data could be exposed to non- privileged users in a configuration file. Local access... Moderate Unreviewed
CVE-2024-45718 was published Feb 11, 2025
The D-Link DIR-300 router stores cleartext passwords, which allows context-dependent attackers to... Moderate Unreviewed
CVE-2011-4723 was published May 17, 2022
A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a could allow an authenticated user to... Moderate Unreviewed
CVE-2024-29952 was published Apr 18, 2024
A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints the Brocade SANnav password in... Moderate Unreviewed
CVE-2024-29956 was published Apr 18, 2024
EnterpriseDB EDB Postgres Advanced Server (EPAS) before 14.6.0 logs unredacted passwords in... High Unreviewed
CVE-2023-31043 was published Apr 23, 2023
Cleartext storage of sensitive information in the Zoom Jenkins Marketplace plugin before version... Moderate Unreviewed
CVE-2025-0142 was published Jan 30, 2025
Clear text secrets returned & Remote system secrets in clear text Moderate Unreviewed
CVE-2024-55928 was published Jan 23, 2025
ECOVACS robot lawnmowers store the anti-theft PIN in cleartext on the device filesystem. An... Moderate Unreviewed
CVE-2024-12079 was published Jan 23, 2025
When an attacker manages to get access to the local memory, or the memory dump of a victim, for... Moderate Unreviewed
CVE-2021-38150 was published May 24, 2022
An issue in H3C switch h3c-S1526 allows a remote attacker to obtain sensitive information via the... High Unreviewed
CVE-2024-51175 was published Dec 18, 2024
A Cleartext Storage of Sensitive Information vulnerability [CWE-312] in FortiClientWindows 7.4.0... Moderate Unreviewed
CVE-2024-50570 was published Dec 18, 2024
Oxide before 6 has unencrypted Control Plane datastores. Moderate Unreviewed
CVE-2024-55582 was published Dec 9, 2024
Pentaminds CuroVMS v2.0.1 was discovered to contain exposed sensitive information. High Unreviewed
CVE-2024-40582 was published Dec 9, 2024
TP-Link TL-WR845N(UN)_V4_200909 and TL-WR845N(UN)_V4_190219 was discovered to transmit user... High Unreviewed
CVE-2024-46340 was published Dec 10, 2024
IBM OpenPages with Watson 9.0 may write sensitive information, under specific configurations, in... Moderate Unreviewed
CVE-2024-35117 was published Dec 11, 2024
Using remote content in OpenPGP encrypted messages can lead to the disclosure of plaintext. This... Moderate Unreviewed
CVE-2024-11159 was published Nov 13, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database