GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,335
Composer 4,133
Erlang 29
GitHub Actions 19
Go 1,939
Maven 5,134
npm 3,677
NuGet 643
pip 3,295
Pub 11
RubyGems 877
Rust 830
Swift 35

Unreviewed advisories

All unreviewed 230,799

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

335 advisories

Filter by severity

Sort by

Least recently updated

Insufficiently Protected Credentials in the AD/LDAP server settings in 1C-Bitrix Bitrix24 through... Moderate Unreviewed

CVE-2022-43959 was published Jan 20, 2023

A vulnerability has been found in CESNET theme-cesnet up to 1.x and classified as problematic.... Moderate Unreviewed

CVE-2016-15014 was published Jan 7, 2023

Some Dahua software products have a vulnerability of unauthenticated request of AES crypto key.... Moderate Unreviewed

CVE-2022-45424 was published Dec 27, 2022

IBM Security Verify Governance, Identity Manager 10.0.1 stores user credentials in plain clear... Moderate Unreviewed

CVE-2022-22458 was published Dec 23, 2022

A vulnerability has been found in Click Studios Passwordstate and Passwordstate Browser Extension... Moderate Unreviewed

CVE-2022-4612 was published Dec 19, 2022

Affected devices store the CLI user passwords encrypted in flash memory. Attackers with physical... Moderate Unreviewed

CVE-2022-46142 was published Dec 13, 2022

A cleartext storage of sensitive information vulnerability exists in PcVue versions 8.10 through... Moderate Unreviewed

CVE-2022-4312 was published Dec 12, 2022

HCL Launch could allow a user with administrative privileges, including "Manage Security"... Moderate Unreviewed

CVE-2022-42445 was published Dec 12, 2022

Insufficiently Protected Credentials vulnerability in the remote backups application on Western... Moderate Unreviewed

CVE-2022-29839 was published Dec 9, 2022

Plaintext storage of a password vulnerability exists in +F FS040U software versions v2.3.4 and... Moderate Unreviewed

CVE-2022-43442 was published Dec 5, 2022

IBM Maximo Mobile 8.7 and 8.8 stores user credentials in plain clear text which can be read by a... Moderate Unreviewed

CVE-2022-41732 was published Nov 28, 2022

Insufficiently Protected Credentials vulnerability in Mitsubishi Electric Corporation GX Works3... Moderate Unreviewed

CVE-2022-29833 was published Nov 25, 2022

IBM UrbanCode Deploy (UCD) 6.2.7.0 through 6.2.7.17, 7.0.0.0 through 7.0.5.12, 7.1.0.0 through 7... Moderate Unreviewed

CVE-2022-40751 was published Nov 17, 2022

The Test LDAP Users functionality in Liferay Portal 7.0.0 through 7.4.3.4, and Liferay DXP 7.0... Moderate Unreviewed

CVE-2022-42132 was published Nov 15, 2022

The Tenda AC1200 Router model W15Ev2 V15.11.0.10(1576) is affected by a password exposure... Moderate Unreviewed

CVE-2022-40845 was published Nov 15, 2022

Dashlane password and Keepass Server password in My Account Settings are not encrypted in the... Moderate Unreviewed

CVE-2022-3781 was published Nov 2, 2022

Dell Networking OS10, versions prior to October 2021 with Smart Fabric Services enabled, contains... Moderate Unreviewed

CVE-2022-29089 was published Sep 29, 2022

In NOKIA 1350 OMS R14.2, Insufficiently Protected Credentials (cleartext password) occur in /cgi... Moderate Unreviewed

CVE-2022-39816 was published Sep 14, 2022

Arq Backup 7.19.5.0 and below stores backup encryption passwords using reversible encryption.... Moderate Unreviewed

CVE-2022-36617 was published Sep 10, 2022

HCL VersionVault Express exposes administrator credentials. Moderate Unreviewed

CVE-2022-27560 was published Aug 31, 2022

Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who... Moderate Unreviewed

CVE-2022-34837 was published Aug 25, 2022

Fiserv Prologue through 2020-12-16 does not properly protect the database password. If an... Moderate Unreviewed

CVE-2020-35992 was published Aug 24, 2022

Insufficiently protected credentials in the Intel(R) Team Blue mobile application in all versions... Moderate Unreviewed

CVE-2022-29507 was published Aug 19, 2022

Insufficiently protected credentials for Intel(R) AMT and Intel(R) Standard Manageability may... Moderate Unreviewed

CVE-2022-30944 was published Aug 19, 2022

Emerson OpenBSI through 2022-04-29 mishandles credential storage. It is an engineering... Moderate Unreviewed

CVE-2022-29959 was published Aug 17, 2022

Previous 1 2 3 4 5 6 … 13 14 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

335 advisories