GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
461 advisories
CloudForms stores user passwords in recoverable format
Moderate | Unreviewed | CVE-2013-4423 was published May 5, 2022

D-Link DIR-100 4.03B07: security bypass via an error in the cliget.cgi script
Moderate | Unreviewed | CVE-2013-7052 was published May 5, 2022

D-Link DIR-100 4.03B07 has PPTP and poe information disclosure
Moderate | Unreviewed | CVE-2013-7055 was published May 5, 2022

A password storage vulnerability exists in the operating system functionality of Moxa EDR-810 V4...
Moderate | Unreviewed | CVE-2017-12127 was published May 13, 2022

An issue was discovered in General Electric (GE) Proficy HMI/SCADA iFIX Version 5.8 SIM 13 and...
Moderate | Unreviewed | CVE-2016-9360 was published May 13, 2022

Schneider Electric StruxureWare Building Expert MPM before 2.15 does not use encryption for the...
Moderate | Unreviewed | CVE-2015-3962 was published May 13, 2022

The IBM Security Access Manager appliance includes configuration files that contain obfuscated...
Moderate | Unreviewed | CVE-2015-5013 was published May 13, 2022

ownCloud iOS app before 3.4.4 does not properly switch state between multiple instances, which...
Moderate | Unreviewed | CVE-2015-5955 was published May 13, 2022

The installation process in IBM Security AppScan Enterprise 8.x before 8.6.0.2 iFix 003, 8.7.x...
Moderate | Unreviewed | CVE-2014-4806 was published May 13, 2022

Users with Site-level permissions can access files containing the username-encrypted passwords of...
Moderate | Unreviewed | CVE-2019-5615 was published May 13, 2022

Jenkins Klaros-Testmanagement Plugin stores credentials in plain text
Moderate | CVE-2019-10282 was published for hudson.plugins.klaros:klaros-testmanagement (Maven) May 13, 2022

Jenkins crittercism-dsym Plugin stores API key in plain text
Moderate | CVE-2019-10295 was published for org.jenkins-ci.plugins:crittercism-dsym (Maven) May 13, 2022

Jenkins DeployHub Plugin stores credentials in plain text
Moderate | CVE-2019-10286 was published for com.openmake:deployhub (Maven) May 13, 2022

Jenkins mabl Plugin stores credentials in plain text
Moderate | CVE-2019-10283 was published for com.mabl.integration.jenkins:mabl-integration (Maven) May 13, 2022

Jenkins Diawi Upload Plugin stores credentials in plain text
Moderate | CVE-2019-10284 was published for org.jenkins-ci.plugins:diawi-upload (Maven) May 13, 2022

ECS Publisher Plugin stored and displayed API token in plain text
Moderate | CVE-2019-1003045 was published for de.eacg:ecs-publisher (Maven) May 13, 2022

Jenkins AppDynamics Dashboard Plugin has insufficiently protected credentials
Moderate | CVE-2019-1003039 was published for org.jenkins-ci.plugins:appdynamics-dashboard (Maven) May 13, 2022

Verba Collaboration Compliance and Quality Management Platform before 9.2.1.5545 has Incorrect...
Moderate | Unreviewed | CVE-2018-17871 was published May 13, 2022

An issue was discovered on Samsung 840 EVO devices. Vendor-specific commands may allow access to...
Moderate | Unreviewed | CVE-2018-12038 was published May 13, 2022

Jenkins TestFairy Plugin stores credentials in plain text
Moderate | CVE-2019-1003096 was published for org.jenkins-ci.plugins:TestFairy (Maven) May 13, 2022

Jenkins Crowd Integration Plugin stores credentials in plain text
Moderate | CVE-2019-1003097 was published for com.ds.tools.hudson:crowd (Maven) May 13, 2022

OpenStack Identity (Keystone) Folsom, Grizzly 2013.1.3 and earlier, and Havana before havana-3...
Moderate | Unreviewed | CVE-2013-4222 was published May 13, 2022

Previous releases of the Puppet cisco_ios module output SSH session debug information including...
Moderate | Unreviewed | CVE-2018-11752 was published May 13, 2022

All versions of the Medtronic 2090 Carelink Programmer are affected by a per-product username and...
Moderate | Unreviewed | CVE-2018-5446 was published May 13, 2022

Open Dental before version 18.4 stores user passwords as base64 encoded MD5 hashes.
Moderate | Unreviewed | CVE-2018-15717 was published May 13, 2022