GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,094
Erlang
29
GitHub Actions
19
Go
1,920
Maven
5,000+
npm
3,648
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
822
Swift
35
Unreviewed advisories
All unreviewed
5,000+
132 advisories
Filter by severity
?Softneta MedDream PACS stores usernames and passwords in plaintext. The plaintext storage could...
High
Unreviewed
CVE-2023-39227
was published
Sep 11, 2023
Plaintext Storage of a Password vulnerability in Infodrom Software E-Invoice Approval System...
High
Unreviewed
CVE-2023-35067
was published
Jul 25, 2023
PiiGAB M-Bus stores credentials in a plaintext file, which could allow a low-level user...
Moderate
Unreviewed
CVE-2023-35765
was published
Jul 7, 2023
Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior store passwords in a plaintext file...
Moderate
Unreviewed
CVE-2023-22389
was published
Jul 6, 2023
?All versions of the TWinSoft Configuration Tool store encrypted passwords as plaintext in...
Moderate
Unreviewed
CVE-2023-3395
was published
Jul 3, 2023
A plaintext storage of a password vulnerability [CWE-256] in FortiSIEM 6.7 all versions, 6.6 all...
Critical
Unreviewed
CVE-2023-26204
was published
Jun 13, 2023
The Dataprobe cloud usernames and passwords are stored in plain text in a specific file. Any user...
Moderate
Unreviewed
CVE-2022-4945
was published
May 23, 2023
Jenkins Code Dx Plugin stores API keys in plain text
Moderate
CVE-2023-2632
was published
for
org.jenkins-ci.plugins:codedx
(Maven)
May 16, 2023
Jenkins Code Dx Plugin displays API keys in plain text
Moderate
CVE-2023-2633
was published
for
org.jenkins-ci.plugins:codedx
(Maven)
May 16, 2023
Plaintext Storage of a Password vulnerability in Secomea GateManager (USB wizard) allows...
High
Unreviewed
CVE-2022-4308
was published
Apr 19, 2023
Plaintext Storage of a Password vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F...
High
Unreviewed
CVE-2023-0457
was published
Mar 3, 2023
Passwords stored in plain text by Jenkins view-cloner Plugin
Moderate
CVE-2023-24450
was published
for
org.jenkins-ci.plugins:view-cloner
(Maven)
Jan 26, 2023
Plaintext Storage of a Password in Jenkins TestQuality Updater Plugin
Moderate
CVE-2023-24454
was published
for
org.jenkins-ci.plugins:testquality-updater
(Maven)
Jan 26, 2023
Plaintext storage of Access Token in Jenkins GitHub Pull Request Coverage Status Plugin
Moderate
CVE-2023-24442
was published
for
org.jenkins-ci.plugins:github-pr-coverage-status
(Maven)
Jan 26, 2023
Plaintext Storage of a Password in Jenkins JIRA Pipeline Steps Plugin
Moderate
CVE-2023-24439
was published
for
org.jenkins-ci.plugins:jira-steps
(Maven)
Jan 26, 2023
Plaintext storage of sensitive data in Rancher API and cluster.management.cattle.io objects
High
CVE-2022-43757
was published
for
github.com/rancher/rancher
(Go)
Jan 25, 2023
Jenkins Reverse Proxy Auth Plugin vulnerable due to plaintext storage of passwords
Moderate
CVE-2022-45384
was published
for
org.jenkins-ci.main:reverse-proxy-auth-plugin
(Maven)
Nov 16, 2022
Plaintext Storage of a Password in Jenkins NS-ND Integration Performance Publisher Plugin
Moderate
CVE-2022-45392
was published
for
io.jenkins.plugins:cavisson-ns-nd-integration
(Maven)
Nov 16, 2022
Plaintext storage of tokens in pulp_ansible
Moderate
CVE-2022-3644
was published
for
pulp-ansible
(pip)
Oct 25, 2022
API keys stored in plain text by Jenkins Katalon Plugin
Moderate
CVE-2022-43419
was published
for
org.jenkins-ci.plugins:katalon
(Maven)
Oct 19, 2022
etcd user credentials are stored in WAL logs in plaintext
Low
GHSA-528j-9r78-wffx
was published
for
go.etcd.io/etcd/client/v3
(Go)
Oct 6, 2022
Jenkins BigPanda Notifier Plugin stores BigPanda API key unencrypted
Low
CVE-2022-41247
was published
for
org.jenkins-ci.plugins:bigpanda-jenkins
(Maven)
Sep 22, 2022
API token stored in plain text by Jenkins CONS3RT Plugin
Low
CVE-2022-41255
was published
for
org.jenkins-ci.plugins:cons3rt
(Maven)
Sep 22, 2022
RabbitMQ password stored in plain text by Jenkins CollabNet Plugins Plugin
Low
CVE-2022-38665
was published
for
org.jenkins-ci.plugins:collabnet
(Maven)
Aug 24, 2022
Jenkins HTTP Request Plugin stores HTTP Request passwords unencrypted
Low
CVE-2022-36901
was published
for
org.jenkins-ci.plugins:http_request
(Maven)
Jul 28, 2022
ProTip!
Advisories are also available from the
GraphQL API