Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,201
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,702
NuGet
660
pip
3,328
Pub
11
RubyGems
883
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

90 advisories

Loading
Unprotected Storage of Credentials vulnerability in McAfee Data Loss Prevention (DLP) for Mac... Low Unreviewed
CVE-2020-7306 was published May 24, 2022
Cleartext Storage of Sensitive Information in Memory vulnerability in Microsoft Windows client in... Low Unreviewed
CVE-2020-7299 was published May 24, 2022
Insufficient password protection in the attestation database for Open CIT may allow an... Low Unreviewed
CVE-2019-0178 was published May 24, 2022
A logic issue was addressed with improved state management. This issue is fixed in macOS Mojave... Low Unreviewed
CVE-2019-8522 was published May 24, 2022
In CloudVision Portal (CVP) for all releases in the 2018.2 Train, under certain conditions, the... Low Unreviewed
CVE-2019-18615 was published May 24, 2022
In cloud-init through 19.4, rand_user_password in cloudinit/config/cc_set_passwords.py has a... Low Unreviewed
CVE-2020-8632 was published May 24, 2022
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects... Low Unreviewed
CVE-2020-14427 was published May 24, 2022
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects... Low Unreviewed
CVE-2020-14428 was published May 24, 2022
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects... Low Unreviewed
CVE-2020-14426 was published May 24, 2022
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects... Low Unreviewed
CVE-2020-14431 was published May 24, 2022
BIOTRONIK CardioMessenger II, The affected products use individual per-device credentials that... Low Unreviewed
CVE-2019-18256 was published May 24, 2022
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects... Low Unreviewed
CVE-2020-14430 was published May 24, 2022
DIGITUS DA-70254 4-Port Gigabit Network Hub 2.073.000.E0008 devices allow an attacker on the same... Low Unreviewed
CVE-2020-15062 was published May 24, 2022
TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same... Low Unreviewed
CVE-2020-15054 was published May 24, 2022
Unprotected Storage of Credentials vulnerability in McAfee Data Loss Prevention (DLP) for Mac... Low Unreviewed
CVE-2020-7307 was published May 24, 2022
A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and... Low Unreviewed
CVE-2020-15791 was published May 24, 2022
"BigFix Platform is storing clear text credentials within the system's memory. An attacker who is... Low Unreviewed
CVE-2020-4095 was published May 24, 2022
An issue was discovered in the Login Password feature of the Password Manager component in Avast... Low Unreviewed
CVE-2020-15024 was published May 24, 2022
Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same... Low Unreviewed
CVE-2020-15058 was published May 24, 2022
An issue was discovered in certain configurations of GNOME gnome-shell through 3.36.4. When... Low Unreviewed
CVE-2020-17489 was published May 24, 2022
An information disclosure vulnerability [CWE-200] in FortiAnalyzerVM and FortiManagerVM versions... Low Unreviewed
CVE-2021-36170 was published May 24, 2022
Password stored in plain text by Jenkins VMware Lab Manager Slaves Plugin Low
CVE-2020-2319 was published for org.jenkins-ci.plugins:labmanager (Maven) May 24, 2022
NotMyFault
Password stored in plain text by Jenkins AppSpider Plugin Low
CVE-2020-2314 was published for com.rapid7:jenkinsci-appspider-plugin (Maven) May 24, 2022
NotMyFault
Squash TM Publisher (Squash4Jenkins) Plugin stores passwords stored in plain text Low
CVE-2022-34213 was published for org.jenkins-ci.plugins:squashtm-publisher (Maven) Jun 24, 2022
westonsteimel NotMyFault
Jenkins z/OS Connector Plugin allows local attacker to retrieve configured password Low
CVE-2018-1000608 was published for org.jenkins-ci.plugins:zos-connector (Maven) May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database