GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
30
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,299
Pub
11
RubyGems
878
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
803 advisories
Filter by severity
IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 transmits or stores authentication...
Moderate
Unreviewed
CVE-2023-50310
was published
Oct 23, 2024
Kieback & Peter's DDC4000 series has an insufficiently protected credentials vulnerability, which...
High
Unreviewed
CVE-2024-43812
was published
Oct 23, 2024
A vulnerability in the web-based management interface of Cisco ATA 190 Series Multiplatform...
Moderate
Unreviewed
CVE-2024-20462
was published
Oct 16, 2024
The insufficiently protected credentials vulnerability in the CLI command of the USG FLEX H...
Moderate
Unreviewed
CVE-2024-9677
was published
Oct 22, 2024
Insufficiently Protected Credentials vulnerability in LiteSpeed Technologies LiteSpeed Cache...
Critical
Unreviewed
CVE-2024-44000
was published
Oct 20, 2024
The EWON FLEXY 202 transmits credentials using a weak encoding method base64. An attacker who is...
High
Unreviewed
CVE-2024-7755
was published
Oct 17, 2024
The affected product is vulnerable due to insufficiently protected credentials, which may allow...
High
Unreviewed
CVE-2024-49396
was published
Oct 17, 2024
IBM DataStage on Cloud Pak for Data 4.0.6 to 4.5.2 stores sensitive credential information that...
Moderate
Unreviewed
CVE-2022-38714
was published
Feb 12, 2024
In JetBrains TeamCity before 2024.07.3 password could be exposed via Sonar runner REST API
Moderate
Unreviewed
CVE-2024-47161
was published
Oct 8, 2024
Advantech ADAM-5630 shares user credentials plain text between the device and the user source...
Moderate
Unreviewed
CVE-2024-34542
was published
Sep 27, 2024
Advantech ADAM-5550 share user credentials with a low level of encryption, consisting of base 64...
Moderate
Unreviewed
CVE-2024-37187
was published
Sep 27, 2024
A vulnerability in the storage method of the PON Controller configuration file could allow an...
High
Unreviewed
CVE-2024-20489
was published
Sep 11, 2024
System->Maintenance-> Log Files in dotCMS dashboard is providing the username/password for...
Moderate
Unreviewed
CVE-2024-3165
was published
Apr 2, 2024
IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5 transmits authentication credentials, but it...
High
Unreviewed
CVE-2023-22862
was published
Jun 5, 2023
An issue in Hathway Skyworth Router CM5100 v.4.1.1.24 allows a physically proximate attacker to...
High
Unreviewed
CVE-2024-44815
was published
Sep 10, 2024
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys...
Moderate
Unreviewed
CVE-2023-4328
was published
Aug 15, 2023
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys...
Moderate
Unreviewed
CVE-2023-4327
was published
Aug 15, 2023
IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and...
Moderate
Unreviewed
CVE-2024-40703
was published
Sep 22, 2024
OMFLOW from The SYSCOM Group has an information leakage vulnerability, allowing unauthorized...
High
Unreviewed
CVE-2024-8777
was published
Sep 16, 2024
Audit records for OpenAPI requests may include sensitive information.
This could lead to...
High
Unreviewed
CVE-2023-6916
was published
Apr 10, 2024
In JetBrains YouTrack before 2024.3.44799 token could be revealed on Imports page
Moderate
Unreviewed
CVE-2024-47162
was published
Sep 19, 2024
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 stores user credentials in plain...
Moderate
Unreviewed
CVE-2024-39733
was published
Jul 14, 2024
The Eaton Foreseer software provides the feasibility for the user to configure external servers...
Moderate
Unreviewed
CVE-2024-31415
was published
Sep 13, 2024
Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.1.0.0 and 9.3.0.8,...
High
Unreviewed
CVE-2024-28981
was published
Sep 12, 2024
A series of related high-severity vulnerabilities, the most notable enabling remote code...
High
Unreviewed
CVE-2024-40710
was published
Sep 7, 2024
ProTip!
Advisories are also available from the
GraphQL API