GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,958
Composer 4,277
Erlang 31
GitHub Actions 21
Go 2,056
Maven 5,237
npm 3,740
NuGet 668
pip 3,421
Pub 12
RubyGems 891
Rust 873
Swift 36

Unreviewed advisories

All unreviewed 238,839

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

463 advisories

Filter by severity

Sort by

Least recently updated

An issue was discovered in Solar-Log 500 before 2.8.2 Build 52 23.04.2013. In /export.html, email... Moderate Unreviewed

CVE-2021-34544 was published Dec 8, 2021

Unisys Cargo Mobile Application before 1.2.29 uses cleartext to store sensitive information,... High Unreviewed

CVE-2021-43388 was published Dec 15, 2021

SAP Business One - version 10.0, allows an admin user to view DB password in plain text over the... Moderate Unreviewed

CVE-2021-42066 was published Dec 15, 2021

Plaintext storage of a password vulnerability in IDEC PLCs (FC6A Series MICROSmart All-in-One CPU... High Unreviewed

CVE-2021-20827 was published Dec 25, 2021

A cleartext storage of sensitive information vulnerability in the Zyxel NBG6604 firmware could... Moderate Unreviewed

CVE-2021-35035 was published Dec 30, 2021

Netgear RAX43 version 1.0.3.96 stores sensitive information in plaintext. All usernames and... Moderate Unreviewed

CVE-2021-20171 was published Dec 31, 2021

Trendnet AC2600 TEW-827DRU version 2.08B01 stores credentials in plaintext. Usernames and... Moderate Unreviewed

CVE-2021-20162 was published Dec 31, 2021

A vulnerability in the information storage architecture of several Cisco IP Phone models could... Moderate Unreviewed

CVE-2022-20660 was published Jan 15, 2022

When the Windows Tentacle docker image starts up it logs all the commands that it runs along with... Moderate Unreviewed

CVE-2021-31821 was published Jan 20, 2022

Plaintext Storage of a Password vulnerability in Mitsubishi Electric MC Works64 versions 4.04E ... Moderate Unreviewed

CVE-2022-23129 was published Jan 22, 2022

Charactell - FormStorm Enterprise Account takeover – An attacker can modify (add, remove and... High Unreviewed

CVE-2022-22789 was published Jan 26, 2022

PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct... High Unreviewed

CVE-2021-42642 was published Feb 9, 2022

A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS... High Unreviewed

CVE-2021-40363 was published Feb 10, 2022

NVIDIA License System contains a vulnerability in the installation scripts for the DLS virtual... Moderate Unreviewed

CVE-2022-21818 was published Feb 16, 2022

A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores... High Unreviewed

CVE-2021-3551 was published Feb 17, 2022

Due to usernames/passwords being stored in plaintext in Random Access Memory (RAM), a local,... Moderate Unreviewed

CVE-2020-14480 was published Feb 25, 2022

A command injection vulnerability in the web interface of the Zyxel NWA-1100-NH firmware could... Moderate Unreviewed

CVE-2021-35036 was published Mar 2, 2022

Dell EMC Enterprise Storage Analytics for vRealize Operations, versions 4.0.1 to 6.2.1, contain a... Moderate Unreviewed

CVE-2021-43590 was published Mar 5, 2022

" Insecure password storage issue.The application stores sensitive information in cleartext... High Unreviewed

CVE-2021-27757 was published Mar 5, 2022

Veritas System Recovery (VSR) 18 and 21 stores a network destination password in the Windows... Moderate Unreviewed

CVE-2022-26778 was published Mar 11, 2022

SnapCenter versions prior to 4.5 are susceptible to a vulnerability which could allow a local... Moderate Unreviewed

CVE-2022-23234 was published Mar 17, 2022

An issue was discovered in Grafana through 7.3.4, when integrated with Zabbix. The Zabbix... Critical Unreviewed

CVE-2022-26148 was published Mar 22, 2022

3CX System through 2022-03-17 stores cleartext passwords in a database. Moderate Unreviewed

CVE-2021-45491 was published Mar 29, 2022

Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric MELSEC iQ-F... Critical Unreviewed

CVE-2022-25158 was published Apr 3, 2022

Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric MELSEC iQ-F... Moderate Unreviewed

CVE-2022-25160 was published Apr 3, 2022

Previous 1 2 3 4 5 … 18 19 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

463 advisories