Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

292 advisories

Loading
Windows 10 version 1607 and Windows Server 2016 allow an elevation of privilege vulnerability due... High Unreviewed
CVE-2018-0828 was published May 13, 2022
kedpm 0.5 and 1.0 creates a history file in ~/.kedpm/history that is written in cleartext. All of... High Unreviewed
CVE-2017-8296 was published May 13, 2022
Wireless IP Camera (P2P) WIFICAM devices have an "Apple Production IOS Push Services" private RSA... High Unreviewed
CVE-2017-8222 was published May 13, 2022
An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is affected by plaintext password... High Unreviewed
CVE-2017-6528 was published May 13, 2022
Insufficient protection of password storage in system firmware for Intel NUC7i3BNK, NUC7i3BNH,... High Unreviewed
CVE-2017-5700 was published May 13, 2022
IBM Cognos Analytics 11.0 could store cached credentials locally that could be obtained by a... High Unreviewed
CVE-2017-1779 was published May 13, 2022
Homeputer CL Studio fur HomeMatic 4.0 Rel 160808 and earlier uses cleartext to exchange the... High Unreviewed
CVE-2017-17691 was published May 13, 2022
IBM Cognos Business Intelligence 10.2, 10.2.1, 10.2.1.1, and 10.2.2, under specialized... High Unreviewed
CVE-2017-1764 was published May 13, 2022
Sera 1.2 stores the user's login password in plain text in their home directory. This makes... High Unreviewed
CVE-2017-15918 was published May 13, 2022
Password are stored in plaintext in nvram in the HTTPd server in all current versions (<= 3.0.0.4... High Unreviewed
CVE-2017-15656 was published May 13, 2022
The Kickbase GmbH "Kickbase Bundesliga Manager" app before 2.2.1 -- aka kickbase-bundesliga... High Unreviewed
CVE-2017-14711 was published May 13, 2022
The D-Link NPAPI extension, as used in conjunction with D-Link DIR-850L REV. B (with firmware... High Unreviewed
CVE-2017-14418 was published May 13, 2022
The workstation logging function in Philips IntelliSpace Cardiovascular (ISCV) 2.3.0 and earlier... High Unreviewed
CVE-2017-14111 was published May 13, 2022
IBM Spectrum Protect 7.1 and 8.1 (formerly Tivoli Storage Manager) disclosed unencrypted login... High Unreviewed
CVE-2017-1378 was published May 13, 2022
IBM Security Identity Manager Adapters 6.0 and 7.0 stores user credentials in plain in clear text... High Unreviewed
CVE-2017-1362 was published May 13, 2022
IBM WebSphere MQ 9.0.1 and 9.0.2 Java/JMS application can incorrectly transmit user credentials... High Unreviewed
CVE-2017-1337 was published May 13, 2022
IBM BigFix Compliance Analytics 1.9.79 (TEMA SUAv1 SCA SCM) stores user credentials in clear text... High Unreviewed
CVE-2017-1201 was published May 13, 2022
An Insufficiently Protected Credentials issue was discovered in LOYTEC LVIS-3ME versions prior to... High Unreviewed
CVE-2017-13998 was published May 13, 2022
An Unprotected Transport of Credentials issue was discovered in ABB Ellipse 8.3 through Ellipse 8... High Unreviewed
CVE-2017-16731 was published May 13, 2022
IBM BigFix Platform 9.5 - 9.5.9 stores user credentials in plain in clear text which can be read... High Unreviewed
CVE-2017-1231 was published May 13, 2022
IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 does not require that... High Unreviewed
CVE-2017-1411 was published May 13, 2022
The skyring-setup command creates random password for mongodb skyring database but it writes... High Unreviewed
CVE-2017-2665 was published May 13, 2022
tpm2-tools versions before 1.1.1 are vulnerable to a password leak due to transmitting password... High Unreviewed
CVE-2017-7524 was published May 13, 2022
The Philips DoseWise Portal web-based application versions 1.1.7.333 and 2.1.1.3069 stores login... High Unreviewed
CVE-2017-9654 was published May 13, 2022
A vulnerability was discovered in all versions of Medtronic MyCareLink 24950 and 24952 Patient... High Unreviewed
CVE-2018-10622 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database