Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+

143 advisories

Loading
Clear Text Credentials Exposed via Onboarding Task Moderate
CVE-2023-48700 was published for nautobot-device-onboarding (pip) Nov 21, 2023
whitej6 jeffkala
bryanculver scetron glennmatthews
EisBaer Scada - CWE-256: Plaintext Storage of a Password Critical Unreviewed
CVE-2023-42493 was published Oct 25, 2023
Eaton easySoft software is used to program easy controllers and displays for configuring,... Moderate Unreviewed
CVE-2023-43777 was published Oct 17, 2023
SnapGathers versions prior to 4.9 are susceptible to a vulnerability which could allow a local... Moderate Unreviewed
CVE-2023-27315 was published Oct 12, 2023
** UNSUPPPORTED WHEN ASSIGNED ** The web application stores credentials in clear text in the ... Moderate Unreviewed
CVE-2022-47561 was published Sep 20, 2023
** UNSUPPPORTED WHEN ASSIGNED ** The web application that owns the device clearly... High Unreviewed
CVE-2023-39452 was published Sep 18, 2023
A flaw was found in OpenStack. Multiple components show plain-text passwords in /var/log/messages... High Unreviewed
CVE-2022-3261 was published Sep 15, 2023
A vulnerability was found in didi KnowSearch 0.3.2/0.3.1.2. It has been rated as problematic.... Moderate Unreviewed
CVE-2023-4984 was published Sep 15, 2023
A password management vulnerability in Skyhigh Secure Web Gateway (SWG) in main releases 11.x... Moderate Unreviewed
CVE-2023-4400 was published Sep 13, 2023
Keycloak vulnerable to Plaintext Storage of User Password High
CVE-2023-4918 was published for org.keycloak:keycloak-core (Maven) Sep 12, 2023
dasniko lme-atolcd
?Softneta MedDream PACS stores usernames and passwords in plaintext. The plaintext storage could... High Unreviewed
CVE-2023-39227 was published Sep 11, 2023
Plaintext Storage of a Password vulnerability in Infodrom Software E-Invoice Approval System... High Unreviewed
CVE-2023-35067 was published Jul 25, 2023
PiiGAB M-Bus stores credentials in a plaintext file, which could allow a low-level user... Moderate Unreviewed
CVE-2023-35765 was published Jul 7, 2023
Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior store passwords in a plaintext file... Moderate Unreviewed
CVE-2023-22389 was published Jul 6, 2023
?All versions of the TWinSoft Configuration Tool store encrypted passwords as plaintext in... Moderate Unreviewed
CVE-2023-3395 was published Jul 3, 2023
A plaintext storage of a password vulnerability [CWE-256] in FortiSIEM 6.7 all versions, 6.6 all... Critical Unreviewed
CVE-2023-26204 was published Jun 13, 2023
The Dataprobe cloud usernames and passwords are stored in plain text in a specific file. Any user... Moderate Unreviewed
CVE-2022-4945 was published May 23, 2023
Jenkins Code Dx Plugin displays API keys in plain text Moderate
CVE-2023-2633 was published for org.jenkins-ci.plugins:codedx (Maven) May 16, 2023
Jenkins Code Dx Plugin stores API keys in plain text Moderate
CVE-2023-2632 was published for org.jenkins-ci.plugins:codedx (Maven) May 16, 2023
Plaintext Storage of a Password vulnerability in Secomea GateManager (USB wizard) allows... High Unreviewed
CVE-2022-4308 was published Apr 19, 2023
Plaintext Storage of a Password vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F... High Unreviewed
CVE-2023-0457 was published Mar 3, 2023
Plaintext storage of Access Token in Jenkins GitHub Pull Request Coverage Status Plugin Moderate
CVE-2023-24442 was published for org.jenkins-ci.plugins:github-pr-coverage-status (Maven) Jan 26, 2023
Plaintext Storage of a Password in Jenkins TestQuality Updater Plugin Moderate
CVE-2023-24454 was published for org.jenkins-ci.plugins:testquality-updater (Maven) Jan 26, 2023
Passwords stored in plain text by Jenkins view-cloner Plugin Moderate
CVE-2023-24450 was published for org.jenkins-ci.plugins:view-cloner (Maven) Jan 26, 2023
Plaintext Storage of a Password in Jenkins JIRA Pipeline Steps Plugin Moderate
CVE-2023-24439 was published for org.jenkins-ci.plugins:jira-steps (Maven) Jan 26, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database