Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,464
Erlang
33
GitHub Actions
22
Go
2,163
Maven
5,000+
npm
3,821
NuGet
696
pip
3,502
Pub
12
RubyGems
909
Rust
904
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

155 advisories

Loading
The Danfoss AK-EM100 stores login credentials in cleartext. High Unreviewed
CVE-2023-22584 was published Jun 11, 2023
Bitwarden Desktop v1.20.0 and above stores the biometric key in plaintext which allows a local... High Unreviewed
CVE-2023-27706 was published Jun 9, 2023
Plaintext storage of a password exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3.... High Unreviewed
CVE-2023-28713 was published Jun 1, 2023
Plaintext Password in Registry vulnerability in 42gears surelock windows surelockwinsetupv2.40... High Unreviewed
CVE-2023-2335 was published Apr 27, 2023
Ribose RNP before 0.16.3 sometimes lets secret keys remain unlocked after use. High Unreviewed
CVE-2023-29480 was published Apr 24, 2023
EnterpriseDB EDB Postgres Advanced Server (EPAS) before 14.6.0 logs unredacted passwords in... High Unreviewed
CVE-2023-31043 was published Apr 23, 2023
CENTUM series provided by Yokogawa Electric Corporation are vulnerable to cleartext storage of... High Unreviewed
CVE-2023-26593 was published Apr 11, 2023
A vulnerability was found in Xunrui CMS 4.61 and classified as problematic. Affected by this... High Unreviewed
CVE-2023-1683 was published Mar 29, 2023
Sme.UP ERP TOKYO V6R1M220406 was discovered to contain an information disclosure vulnerability... High Unreviewed
CVE-2023-26760 was published Feb 27, 2023
IBM QRadar SIEM 7.4 and 7.5 is vulnerable to information exposure allowing a non-tenant user with... High Unreviewed
CVE-2022-34351 was published Feb 17, 2023
IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 could allow a remote attacker to obtain sensitive... High Unreviewed
CVE-2022-41734 was published Feb 17, 2023
Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs ... High Unreviewed
CVE-2022-34388 was published Feb 11, 2023
Phicomm K2 v22.6.534.263 was discovered to store the root and admin passwords in plaintext. High Unreviewed
CVE-2022-48073 was published Jan 27, 2023
Phicomm K2 v22.6.534.263 was discovered to store the root and admin passwords in plaintext. High Unreviewed
CVE-2022-48071 was published Jan 27, 2023
In DPA 2022.4 and older releases, generated heap memory dumps contain sensitive information in... High Unreviewed
CVE-2022-38112 was published Jan 20, 2023
An issue was discovered in WeCube Platform 3.2.2. Cleartext passwords are displayed in the... High Unreviewed
CVE-2022-37785 was published Jan 1, 2023
IXPdata EasyInstall 6.6.14725 contains an access control issue. High Unreviewed
CVE-2022-35120 was published Dec 2, 2022
The /device/signin end-point for the Ourphoto App version 1.4.1 discloses clear-text password... High Unreviewed
CVE-2022-24188 was published Nov 29, 2022
Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GX Works3... High Unreviewed
CVE-2022-29826 was published Nov 25, 2022
Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GX Works3 all... High Unreviewed
CVE-2022-25164 was published Nov 25, 2022
The PassWork extension 5.0.9 for Chrome and other browsers allows an attacker to obtain the... High Unreviewed
CVE-2022-42956 was published Nov 7, 2022
The PassWork extension 5.0.9 for Chrome and other browsers allows an attacker to obtain cleartext... High Unreviewed
CVE-2022-42955 was published Nov 7, 2022
The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190... High Unreviewed
CVE-2022-2739 was published Sep 2, 2022
Apache OpenOffice supports the storage of passwords for web connections in the user's... High Unreviewed
CVE-2022-37401 was published Aug 16, 2022
A vulnerability, which was classified as problematic, was found in SourceCodester Guest... High Unreviewed
CVE-2022-2813 was published Aug 16, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database