Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,359
Erlang
33
GitHub Actions
22
Go
2,124
Maven
5,000+
npm
3,787
NuGet
683
pip
3,467
Pub
12
RubyGems
894
Rust
892
Swift
38
Unreviewed advisories
All unreviewed
5,000+

177 advisories

Loading
In Marvell QConvergeConsole GUI <= 5.5.0.74, credentials are stored in cleartext in tomcat-users... High Unreviewed
CVE-2020-5805 was published May 24, 2022
In Hardware Sentry KM before 10.0.01 for BMC PATROL, a cleartext password may be discovered after... High Unreviewed
CVE-2021-31791 was published May 24, 2022
The PassWork extension 5.0.9 for Chrome and other browsers allows an attacker to obtain cleartext... High Unreviewed
CVE-2022-42955 was published Nov 7, 2022
An issue was discovered on FiberHome HG6245D devices through RP2613. wifictl_5g.cfg has cleartext... High Unreviewed
CVE-2021-27176 was published May 24, 2022
An issue was discovered on FiberHome HG6245D devices through RP2613. Some passwords are stored in... High Unreviewed
CVE-2021-27178 was published May 24, 2022
In multiple managed switches by WAGO in different versions the webserver cookies of the web based... High Unreviewed
CVE-2021-20995 was published May 24, 2022
An issue was discovered in Couchbase Server 5.x and 6.x through 6.6.1 and 7.0.0 Beta. Incorrect... High Unreviewed
CVE-2021-25644 was published May 24, 2022
The DLink Router DIR-895L MFC v1.21b05 is vulnerable to credentials disclosure in telnet service... High Unreviewed
CVE-2020-29324 was published May 24, 2022
Thunderbird unprotects a secret OpenPGP key prior to using it for a decryption, signing or key... High Unreviewed
CVE-2021-29950 was published May 24, 2022
An issue was discovered in Xuperchain 3.6.0 that allows for attackers to recover any arbitrary... High Unreviewed
CVE-2020-22741 was published May 24, 2022
The MagicMotion Flamingo 2 application for Android stores data on an sdcard under com.vt... High Unreviewed
CVE-2020-12731 was published May 24, 2022
The Dynamic Data Mapping module in Liferay Portal 7.1.0 through 7.3.2, and Liferay DXP 7.1 before... High Unreviewed
CVE-2021-33323 was published May 24, 2022
In JetBrains TeamCity before 2021.1, passwords in cleartext sometimes could be stored in VCS. High Unreviewed
CVE-2021-37548 was published May 24, 2022
An information disclosure vulnerability exists in the EPA protocol of Dut Computer Control... High Unreviewed
CVE-2020-18759 was published May 24, 2022
In Octopus Server after version 2018.8.2 if the Octopus Server Web Request Proxy is configured... High Unreviewed
CVE-2021-31820 was published May 24, 2022
Incorrect Access Control in Autumn v1.0.4 and earlier allows remote attackers to obtain clear... High Unreviewed
CVE-2020-19137 was published May 24, 2022
Exposure of senstive information to an unauthorised actor in the "com.onepeloton.erlich" mobile... High Unreviewed
CVE-2021-40527 was published May 24, 2022
Couchbase Server before 6.6.3 and 7.x before 7.0.2 stores Sensitive Information in Cleartext. The... High Unreviewed
CVE-2021-42763 was published May 24, 2022
metakv in Couchbase Server 7.0.0 uses Cleartext for Storage of Sensitive Information. Remote... High Unreviewed
CVE-2021-37842 was published May 24, 2022
Delta Electronics DIALink versions 1.2.4.0 and prior stores sensitive information in cleartext,... High Unreviewed
CVE-2021-38422 was published May 24, 2022
A password mismanagement situation exists in XoruX LPAR2RRD and STOR2RRD before 7.30 because... High Unreviewed
CVE-2021-42370 was published May 24, 2022
An issue was discovered in OpenGamePanel OGP-Agent-Linux through 2021-08-14. $HOME/OGP/Cfg/Config... High Unreviewed
CVE-2021-37157 was published May 24, 2022
An issue was discovered in URVE Build 24.03.2020. The password of an integration user account ... High Unreviewed
CVE-2020-29550 was published May 24, 2022
Jenkins Delphix Plugin vulnerable to Cleartext credential storage High
CVE-2019-10453 was published for org.jenkins-ci.plugins:delphix (Maven) May 24, 2022
IXPdata EasyInstall 6.6.14725 contains an access control issue. High Unreviewed
CVE-2022-35120 was published Dec 2, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database