GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
23 advisories
Filter by severity
Microsoft Outlook plug-in PGP version 7.0, 7.0.3, and 7.0.4 silently saves a decrypted copy of a...
Low
Unreviewed
CVE-2002-1696
was published
Apr 30, 2022
Capturix ScanShare 1.06 build 50 stores sensitive information such as the password in cleartext...
Low
Unreviewed
CVE-2005-2209
was published
May 1, 2022
phpMyAdmin before 2.11.5.1 stores the MySQL (1) username and (2) password, and the (3) Blowfish...
Low
Unreviewed
CVE-2008-1567
was published
May 1, 2022
Brocade SANnav before version SANnav 2.2.0 logs the REST API Authentication token in plain text.
Low
Unreviewed
CVE-2022-28162
was published
May 10, 2022
A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR...
Low
Unreviewed
CVE-2019-19291
was published
May 24, 2022
BIOTRONIK CardioMessenger II, The affected products do not encrypt sensitive information while at...
Low
Unreviewed
CVE-2019-18254
was published
May 24, 2022
A CWE-316: Cleartext Storage of Sensitive Information in Memory vulnerability exists in Easergy...
Low
Unreviewed
CVE-2020-7516
was published
May 24, 2022
An issue was discovered on Nescomed Multipara Monitor M1000 devices. The onboard Flash memory...
Low
Unreviewed
CVE-2020-15485
was published
May 24, 2022
IBM Security Key Lifecycle Manager 3.0 and 3.0.1 stores user credentials in plain in clear text...
Low
Unreviewed
CVE-2019-4566
was published
May 24, 2022
An exposure of sensitive information to an unauthorized actor [CWE-200] vulnerability in...
Low
Unreviewed
CVE-2023-23776
was published
Mar 7, 2023
A vulnerability has been found in Simple Design Daily Journal 1.012.GP.B on Android and...
Low
Unreviewed
CVE-2023-2863
was published
May 24, 2023
A clear text storage of sensitive information (CWE-312) vulnerability in both FortiGate version 6...
Low
Unreviewed
CVE-2022-22302
was published
Jul 11, 2023
A vulnerability was found in Control iD Gerencia Web 1.30 and classified as problematic. Affected...
Low
Unreviewed
CVE-2023-4392
was published
Aug 17, 2023
An information disclosure issue in GitLab EE affecting all versions from 16.2 prior to 16.2.5,...
Low
Unreviewed
CVE-2023-3950
was published
Sep 1, 2023
Sensitive information disclosure due to cleartext storage of sensitive information in memory. The...
Low
Unreviewed
CVE-2023-44153
was published
Sep 27, 2023
IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information...
Low
Unreviewed
CVE-2023-37396
was published
Apr 19, 2024
A vulnerability classified as problematic was found in Netgear DG834Gv5 1.6.01.34. This...
Low
Unreviewed
CVE-2024-4235
was published
Apr 26, 2024
An issue was discovered in Teledyne FLIR M300 2.00-19. User account passwords are encrypted...
Low
Unreviewed
CVE-2023-46294
was published
May 1, 2024
A vulnerability exists in the FOXMAN-UN/UNEM in which sensitive information is
stored in...
Low
Unreviewed
CVE-2024-28024
was published
Jun 11, 2024
NewPass before 1.2.0 stores passwords (rather than password hashes) directly, which makes it...
Low
Unreviewed
CVE-2024-39846
was published
Jun 29, 2024
The OpenAI ChatGPT app before 2024-07-05 for macOS opts out of the sandbox, and stores...
Low
Unreviewed
CVE-2024-40594
was published
Jul 6, 2024
The W3 Total Cache plugin for WordPress is vulnerable to Sensitive Information Exposure in...
Low
Unreviewed
CVE-2023-5359
was published
Sep 25, 2024
Hathway Skyworth Router CM5100-511 v4.1.1.24 was discovered to store sensitive information about...
Low
Unreviewed
CVE-2024-46383
was published
Nov 15, 2024
ProTip!
Advisories are also available from the
GraphQL API