GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,755
Composer 4,856
Erlang 36
GitHub Actions 36
Go 2,488
Maven 5,911
npm 4,104
NuGet 735
pip 3,923
Pub 12
RubyGems 945
Rust 1,017
Swift 39

Unreviewed advisories

All unreviewed 268,379

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

388 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A “CWE-256: Plaintext Storage of a Password” affecting the administrative account allows an... Moderate Unreviewed

CVE-2024-3082 was published Jul 31, 2024

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 stores user credentials in plain... Moderate Unreviewed

CVE-2024-39733 was published Jul 14, 2024

In JetBrains TeamCity before 2024.03.3 private key could be exposed via testing GitHub App... Moderate Unreviewed

CVE-2024-39878 was published Jul 1, 2024

In JetBrains TeamCity before 2024.03.3 application token could be exposed in EC2 Cloud Profile... Moderate Unreviewed

CVE-2024-39879 was published Jul 1, 2024

In JetBrains YouTrack before 2024.2.34646 user access token was sent to the third-party site Moderate Unreviewed

CVE-2024-38505 was published Jun 18, 2024

IBM Jazz Reporting Service 7.0.3 stores user credentials in plain clear text which can be read by... Moderate Unreviewed

CVE-2024-25052 was published Jun 13, 2024

An issue was discovered in Kape CyberGhostVPN 8.4.3.12823 on Windows. After a successful logout,... Moderate Unreviewed

CVE-2024-26330 was published Jun 11, 2024

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ... Moderate Unreviewed

CVE-2024-35208 was published Jun 11, 2024

An attacker could potentially intercept credentials via the task manager and perform unauthorized... Moderate Unreviewed

CVE-2024-23583 was published May 18, 2024

A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All... Moderate Unreviewed

CVE-2024-33497 was published May 14, 2024

A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All... Moderate Unreviewed

CVE-2024-33496 was published May 14, 2024

IBM TXSeries for Multiplatforms 8.2 transmits or stores authentication credentials, but it uses... Moderate Unreviewed

CVE-2024-22345 was published May 14, 2024

Claris International has successfully resolved an issue of potentially exposing password... Moderate Unreviewed

CVE-2023-42955 was published May 14, 2024

VMware Avi Load Balancer contains an information disclosure vulnerability. A malicious actor... Moderate Unreviewed

CVE-2024-22266 was published May 8, 2024

Database scanning using username and password stores the credentials in plaintext or encoded... Moderate Unreviewed

CVE-2024-23551 was published May 8, 2024

Use of reversible password encryption algorithm allows attackers to decrypt passwords. Sensitive... Moderate Unreviewed

CVE-2024-3543 was published May 2, 2024

Dell OpenManage Enterprise, versions 4.0.0 and 4.0.1, contains a sensitive information disclosure... Moderate Unreviewed

CVE-2024-28961 was published Apr 29, 2024

A vulnerability in Cisco Nexus Dashboard could allow an authenticated, local attacker with valid... Moderate Unreviewed

CVE-2024-20282 was published Apr 3, 2024

System->Maintenance-> Log Files in dotCMS dashboard is providing the username/password for... Moderate Unreviewed

CVE-2024-3165 was published Apr 2, 2024

IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 transmits or stores authentication... Moderate Unreviewed

CVE-2023-50311 was published Mar 31, 2024

Exposed IOCTL with insufficient access control issue exists in cg6kwin2k.sys prior to 2.1.7.0. By... Moderate Unreviewed

CVE-2024-29216 was published Mar 25, 2024

IBM Host Access Transformation Services (HATS) 9.6 through 9.6.1.4 and 9.7 through 9.7.0.3 stores... Moderate Unreviewed

CVE-2021-38938 was published Mar 15, 2024

An issue was discovered in Couchbase Server before 7.2.4. ns_server admin credentials are leaked... Moderate Unreviewed

CVE-2023-50436 was published Feb 29, 2024

The database access credentials configured during installation are stored in a special table, and... Moderate Unreviewed

CVE-2023-4538 was published Feb 15, 2024

A vulnerability exists in BIG-IP Next CNF and SPK systems that may allow access to undisclosed... Moderate Unreviewed

CVE-2024-23306 was published Feb 14, 2024

Previous 1…3…16 Next

Previous 1 2 3 4 5 … 15 16 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

388 advisories