GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
22 advisories
Filter by severity
Victure PC420 1.1.39 was discovered to contain a hardcoded root password which is stored in...
High
Unreviewed
CVE-2023-41610
was published
Sep 18, 2024
A vulnerability in the storage method of the PON Controller configuration file could allow an...
High
Unreviewed
CVE-2024-20489
was published
Sep 11, 2024
An issue in Hathway Skyworth Router CM5100 v.4.1.1.24 allows a physically proximate attacker to...
High
Unreviewed
CVE-2024-44815
was published
Sep 10, 2024
The front-end audit log allows viewing of unprotected plaintext passwords, where the passwords...
High
Unreviewed
CVE-2024-36460
was published
Aug 12, 2024
Coredump binaries in Toshiba printers have incorrect permissions. A local attacker can steal...
High
Unreviewed
CVE-2024-27166
was published
Jun 14, 2024
Subiquity Shows Guided Storage Passphrase in Plaintext with Read-all Permissions
High
Unreviewed
CVE-2022-0555
was published
Jun 3, 2024
An issue in Debezium Community debezium-ui v.2.5 allows a local attacker to execute arbitrary...
High
Unreviewed
CVE-2024-28736
was published
May 31, 2024
A flaw was found in Quay, where Quay's database is stored in plain text in mirror-registry on...
High
Unreviewed
CVE-2024-3625
was published
Apr 25, 2024
A flaw was found when using mirror-registry to install Quay. It uses a default secret, which is...
High
Unreviewed
CVE-2024-3622
was published
Apr 25, 2024
A flaw was found in how Quay's database is stored in plain-text in mirror-registry on the jinja's...
High
Unreviewed
CVE-2024-3624
was published
Apr 25, 2024
A flaw was found when using mirror-registry to install Quay. It uses a default database secret...
High
Unreviewed
CVE-2024-3623
was published
Apr 25, 2024
Plaintext Storage of a Password vulnerability in Mia Technology Inc. MİA-MED allows Read...
High
Unreviewed
CVE-2023-6518
was published
Feb 8, 2024
Networker 19.9 and all prior versions contains a Plain-text Password stored in temporary config...
High
Unreviewed
CVE-2024-22432
was published
Jan 25, 2024
** UNSUPPPORTED WHEN ASSIGNED **
The web application that owns the device clearly...
High
Unreviewed
CVE-2023-39452
was published
Sep 18, 2023
A flaw was found in OpenStack. Multiple components show plain-text passwords in /var/log/messages...
High
Unreviewed
CVE-2022-3261
was published
Sep 15, 2023
?Softneta MedDream PACS stores usernames and passwords in plaintext. The plaintext storage could...
High
Unreviewed
CVE-2023-39227
was published
Sep 11, 2023
Plaintext Storage of a Password vulnerability in Infodrom Software E-Invoice Approval System...
High
Unreviewed
CVE-2023-35067
was published
Jul 25, 2023
Plaintext Storage of a Password vulnerability in Secomea GateManager (USB wizard) allows...
High
Unreviewed
CVE-2022-4308
was published
Apr 19, 2023
Plaintext Storage of a Password vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F...
High
Unreviewed
CVE-2023-0457
was published
Mar 3, 2023
The CODESYS OPC DA Server prior V3.5.18.20 stores PLC passwords as plain text in its...
High
Unreviewed
CVE-2022-1794
was published
Jul 12, 2022
PowerStore contains Plain-Text Password Storage Vulnerability in PowerStore X & T environments...
High
Unreviewed
CVE-2022-22557
was published
Jun 3, 2022
A vulnerability has been identified in LOGO!8 BM (All versions). Unencrypted storage of passwords...
High
Unreviewed
CVE-2019-10921
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API