Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

65 advisories

Loading
Dell EMC Avamar Server version 19.4 contains a plain-text password storage vulnerability in... Moderate Unreviewed
CVE-2021-36317 was published Dec 22, 2021
** DISPUTED ** An issue was discovered in SMA Solar Technology products. Sniffed passwords from... Critical Unreviewed
CVE-2017-9856 was published May 13, 2022
A vulnerability has been identified in LOGO!8 BM (All versions). Unencrypted storage of passwords... High Unreviewed
CVE-2019-10921 was published May 24, 2022
An Unprotected Storage of Credentials vulnerability in the identity and access management... Moderate Unreviewed
CVE-2019-0072 was published May 24, 2022
A vulnerability in the storage of proxy server credentials of Cisco Firepower Management Center ... Moderate Unreviewed
CVE-2021-1126 was published May 24, 2022
A vulnerability that stores IMSI values in an improper path prior to SMR APR-2021 Release 1... Low Unreviewed
CVE-2021-25358 was published May 24, 2022
PowerStore contains Plain-Text Password Storage Vulnerability in PowerStore X & T environments... High Unreviewed
CVE-2022-22557 was published Jun 3, 2022
The CODESYS OPC DA Server prior V3.5.18.20 stores PLC passwords as plain text in its... High Unreviewed
CVE-2022-1794 was published Jul 12, 2022
Plaintext Storage of a Password vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F... High Unreviewed
CVE-2023-0457 was published Mar 3, 2023
Plaintext Storage of a Password vulnerability in Secomea GateManager (USB wizard) allows... High Unreviewed
CVE-2022-4308 was published Apr 19, 2023
The Dataprobe cloud usernames and passwords are stored in plain text in a specific file. Any user... Moderate Unreviewed
CVE-2022-4945 was published May 23, 2023
A plaintext storage of a password vulnerability [CWE-256] in FortiSIEM 6.7 all versions, 6.6 all... Critical Unreviewed
CVE-2023-26204 was published Jun 13, 2023
?All versions of the TWinSoft Configuration Tool store encrypted passwords as plaintext in... Moderate Unreviewed
CVE-2023-3395 was published Jul 3, 2023
Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior store passwords in a plaintext file... Moderate Unreviewed
CVE-2023-22389 was published Jul 6, 2023
PiiGAB M-Bus stores credentials in a plaintext file, which could allow a low-level user... Moderate Unreviewed
CVE-2023-35765 was published Jul 7, 2023
Plaintext Storage of a Password vulnerability in Infodrom Software E-Invoice Approval System... High Unreviewed
CVE-2023-35067 was published Jul 25, 2023
?Softneta MedDream PACS stores usernames and passwords in plaintext. The plaintext storage could... High Unreviewed
CVE-2023-39227 was published Sep 11, 2023
A password management vulnerability in Skyhigh Secure Web Gateway (SWG) in main releases 11.x... Moderate Unreviewed
CVE-2023-4400 was published Sep 13, 2023
A vulnerability was found in didi KnowSearch 0.3.2/0.3.1.2. It has been rated as problematic.... Moderate Unreviewed
CVE-2023-4984 was published Sep 15, 2023
A flaw was found in OpenStack. Multiple components show plain-text passwords in /var/log/messages... High Unreviewed
CVE-2022-3261 was published Sep 15, 2023
** UNSUPPPORTED WHEN ASSIGNED ** The web application that owns the device clearly... High Unreviewed
CVE-2023-39452 was published Sep 18, 2023
** UNSUPPPORTED WHEN ASSIGNED ** The web application stores credentials in clear text in the ... Moderate Unreviewed
CVE-2022-47561 was published Sep 20, 2023
SnapGathers versions prior to 4.9 are susceptible to a vulnerability which could allow a local... Moderate Unreviewed
CVE-2023-27315 was published Oct 12, 2023
Eaton easySoft software is used to program easy controllers and displays for configuring,... Moderate Unreviewed
CVE-2023-43777 was published Oct 17, 2023
EisBaer Scada - CWE-256: Plaintext Storage of a Password Critical Unreviewed
CVE-2023-42493 was published Oct 25, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database