Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,464
Erlang
33
GitHub Actions
22
Go
2,163
Maven
5,000+
npm
3,821
NuGet
696
pip
3,502
Pub
12
RubyGems
909
Rust
904
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

278 advisories

Loading
NVIDIA BMC stores user passwords in an obfuscated form in a database accessible by the host. This... Moderate Unreviewed
CVE-2022-42284 was published Jan 13, 2023
IBM Security Verify Governance 10.0 stores user credentials in plain clear text which can be read... Moderate Unreviewed
CVE-2022-22470 was published Jan 9, 2023
IBM Robotic Process Automation 20.12 through 21.0.6 could allow an attacker with physical access... Moderate Unreviewed
CVE-2022-41740 was published Jan 5, 2023
Certain General Electric Renewable Energy products store cleartext credentials in flash memory.... Moderate Unreviewed
CVE-2022-24120 was published Dec 26, 2022
IBM Security Verify Governance, Identity Manager 10.0.1 stores sensitive information including... Moderate Unreviewed
CVE-2022-22457 was published Dec 23, 2022
Sensitive information was stored in plain text in a file that is accessible by a user with a... Moderate Unreviewed
CVE-2022-47512 was published Dec 19, 2022
The vCenter Server contains an information disclosure vulnerability due to the logging of... Moderate Unreviewed
CVE-2022-31697 was published Dec 13, 2022
A cleartext storage of sensitive information vulnerability exists in PcVue versions 8.10 through... Moderate Unreviewed
CVE-2022-4312 was published Dec 12, 2022
Cleartext Storage of Sensitive Information in Memory vulnerability in Mitsubishi Electric... Moderate Unreviewed
CVE-2022-29832 was published Nov 25, 2022
"IBM Robotic Process Automation 21.0.1 and 21.0.2 could disclose sensitive version information... Moderate Unreviewed
CVE-2022-38710 was published Nov 4, 2022
"IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, 19.0.0.3, 20... Moderate Unreviewed
CVE-2022-35279 was published Nov 4, 2022
"IBM Cognos Analytics 11.2.1, 11.2.0, 11.1.7 stores user credentials in plain clear text which... Moderate Unreviewed
CVE-2022-34339 was published Nov 4, 2022
"IBM Security Guardium 10.5, 10.6, 11.0, 11.1, 11.2, 11.3, and 11.4 stores user credentials in... Moderate Unreviewed
CVE-2021-39077 was published Nov 4, 2022
A flaw was found in ovirt-engine, which leads to the logging of plaintext passwords in the log... Moderate Unreviewed
CVE-2022-2805 was published Oct 19, 2022
An issue has been discovered in hunter2 affecting all versions before 2.1.0. Improper handling of... Moderate Unreviewed
CVE-2022-3540 was published Oct 17, 2022
Dell GeoDrive, Versions 2.1 - 2.2, contains an information disclosure vulnerability. An... Moderate Unreviewed
CVE-2022-33918 was published Oct 13, 2022
IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR1 FP10, 7 R1 before... Moderate Unreviewed
CVE-2015-1931 was published Sep 30, 2022
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded Erlang cookie for ejabberd replication. Moderate Unreviewed
CVE-2020-15325 was published Sep 30, 2022
The Baxter Spectrum Wireless Battery Module (WBM) stores network credentials and PHI (only... Moderate Unreviewed
CVE-2022-26390 was published Sep 10, 2022
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 stores user credentials in plain clear text which... Moderate Unreviewed
CVE-2021-39009 was published Sep 2, 2022
A flaw was found in openstack-tripleo-heat-templates. Plain passwords from RHSM exist in the logs... Moderate Unreviewed
CVE-2021-3585 was published Aug 27, 2022
The affected device stores sensitive information in cleartext, which may allow an authenticated... Moderate Unreviewed
CVE-2022-2569 was published Aug 25, 2022
Dell Wyse Management Suite 3.6.1 and below contains a Sensitive Data Exposure vulnerability. A... Moderate Unreviewed
CVE-2022-29090 was published Aug 11, 2022
HCL Launch may store certain data for recurring activities in a plain text format. Moderate Unreviewed
CVE-2022-27549 was published Jul 7, 2022
IBM UrbanCode Deploy (UCD) 6.2.7.15, 7.0.5.10, 7.1.2.6, and 7.2.2.1 could disclose sensitive... Moderate Unreviewed
CVE-2022-22367 was published Jul 2, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database