GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,135
Composer 4,081
Erlang 29
GitHub Actions 19
Go 1,909
Maven 5,106
npm 3,642
NuGet 638
pip 3,258
Pub 10
RubyGems 869
Rust 820
Swift 35

Unreviewed advisories

All unreviewed 229,009

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

290 advisories

Filter by severity

Sort by

Least recently updated

UltraLog Express device management software stores user’s information in cleartext. Any user can... Moderate Unreviewed

CVE-2020-3921 was published May 24, 2022

During installation or upgrade to Software House C•CURE 9000 v2.70 and American Dynamics victor... Moderate Unreviewed

CVE-2020-9045 was published May 24, 2022

Secom Co. Dr.ID, a Door Access Control and Personnel Attendance Management system, stores users’... Moderate Unreviewed

CVE-2020-3935 was published May 24, 2022

IBM Security Guardium Big Data Intelligence (SonarG) 4.0 stores sensitive information in... Moderate Unreviewed

CVE-2019-4314 was published May 24, 2022

Jenkins NeuVector Vulnerability Scanner Plugin stored credentials in plain text Moderate

CVE-2019-10430 was published for io.jenkins.plugins:neuvector-vulnerability-scanner (Maven) May 24, 2022

IBM MQ 7.5, 8.0, 9.0 LTS, 9.1 CD, and 9.1 LTS stores user credentials in plain clear text which... Moderate Unreviewed

CVE-2021-38949 was published May 24, 2022

A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.12). The... Moderate Unreviewed

CVE-2020-10053 was published May 24, 2022

A vulnerability of storing sensitive information insecurely in Property Settings prior to SMR Nov... Moderate Unreviewed

CVE-2021-25502 was published May 24, 2022

A cleartext storage of sensitive information in GUI in FortiADC versions 5.4.3 and below, 6.0.0... Moderate Unreviewed

CVE-2020-15935 was published May 24, 2022

A unprotected storage of credentials in Fortinet FortiSIEM Windows Agent version 4.1.4 and below... Moderate Unreviewed

CVE-2021-41023 was published May 24, 2022

IBM Jazz Team Server products stores user credentials in clear text which can be read by an... Moderate Unreviewed

CVE-2021-29786 was published May 24, 2022

IBM Security Risk Manager on CP4S 1.7.0.0 stores user credentials in plain clear text which can... Moderate Unreviewed

CVE-2021-38911 was published May 24, 2022

Rich Text Edit Control Information Disclosure Vulnerability Moderate Unreviewed

CVE-2021-40454 was published May 24, 2022

IBM Data Risk Manager 2.0.6 stores user credentials in plain clear text which can be read by an... Moderate Unreviewed

CVE-2021-38915 was published May 24, 2022

RICON Industrial Cellular Router S9922L 16.10.3(3794) is affected by cleartext storage of... Moderate Unreviewed

CVE-2021-36165 was published May 24, 2022

IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI displays user... Moderate Unreviewed

CVE-2021-29904 was published May 24, 2022

A vulnerability has been identified in SIMATIC CP 1543-1 (incl. SIPLUS variants) (All versions <... Moderate Unreviewed

CVE-2021-33716 was published May 24, 2022

An issue obscuring passwords in screenshots was addressed with improved logic. This issue is... Moderate Unreviewed

CVE-2021-1865 was published May 24, 2022

Generated Support Bundles contains private S/MIME and PGP keys if containing folder is not hidden... Moderate Unreviewed

CVE-2021-36096 was published May 24, 2022

An issue was discovered in PrimeKey EJBCA before 7.6.0. When audit logging changes to the alias... Moderate Unreviewed

CVE-2021-40087 was published May 24, 2022

A user with permission to log on to the machine hosting the AXIS Device Manager client could... Moderate Unreviewed

CVE-2021-31989 was published May 24, 2022

UCWeb UC 12.12.3.1219 through 12.12.3.1226 uses cleartext HTTP, and thus man-in-the-middle... Moderate Unreviewed

CVE-2020-36473 was published May 24, 2022

The Portal Workflow module in Liferay Portal 7.3.2 and earlier, and Liferay DXP 7.0 before fix... Moderate Unreviewed

CVE-2021-33325 was published May 24, 2022

The restricted shell provided by Akkadian Provisioning Manager Engine (PME) can be escaped by... Moderate Unreviewed

CVE-2021-31581 was published May 24, 2022

IBM Security Verify Access Docker 10.0.0 stores user credentials in plain clear text which can be... Moderate Unreviewed

CVE-2021-20510 was published May 24, 2022

Previous 1 2 3 4 5 6 7 8 … 11 12 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

290 advisories