GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
278 advisories
The App Settings (/admin/app) page in GROWI versions prior to v6.0.6 stores sensitive information...
Moderate
Unreviewed
CVE-2023-50294
was published
Dec 26, 2023
A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) (All versions < V19). An...
Moderate
Unreviewed
CVE-2022-46141
was published
Dec 12, 2023
A LogoFAIL issue was discovered in BmpDecoderDxe in Insyde InsydeH2O with kernel 5.2 before 05.28...
Moderate
Unreviewed
CVE-2023-40238
was published
Dec 7, 2023
Headwind MDM Web panel 5.22.1 is vulnerable to Incorrect Access Control due to Login Credential...
Moderate
Unreviewed
CVE-2023-47312
was published
Nov 22, 2023
Missing Encryption of Security Keys vulnerability in Silicon Labs Ember ZNet SDK on 32 bit, ARM ...
Moderate
Unreviewed
CVE-2023-41096
was published
Oct 26, 2023
The BIG-IP and BIG-IQ systems do not encrypt some sensitive information written to Database (DB)...
Moderate
Unreviewed
CVE-2023-41964
was published
Oct 10, 2023
A flaw was found in Red Hat's AMQ Broker, which stores certain passwords in a secret security...
Moderate
Unreviewed
CVE-2023-4066
was published
Sep 27, 2023
Sensitive information disclosure due to cleartext storage of sensitive information. The following...
Moderate
Unreviewed
CVE-2023-44159
was published
Sep 27, 2023
Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.5.0.0 and 9.3.0.4,...
Moderate
Unreviewed
CVE-2023-2358
was published
Sep 27, 2023
A cleartext storage of sensitive information vulnerability [CWE-312] in FortiTester 2.3.0 through...
Moderate
Unreviewed
CVE-2023-40715
was published
Sep 13, 2023
A password management vulnerability in Skyhigh Secure Web Gateway (SWG) in main releases 11.x...
Moderate
Unreviewed
CVE-2023-4400
was published
Sep 13, 2023
Possible information exposure through log file vulnerability where sensitive fields are...
Moderate
Unreviewed
CVE-2023-31423
was published
Aug 31, 2023
Brocade SANnav before v2.3.0 and v2.2.2a stores SNMPv3 Authentication passwords in plaintext. A...
Moderate
Unreviewed
CVE-2023-31925
was published
Aug 31, 2023
An issue was discovered in MariaDB MaxScale before 23.02.3. A user enters an encrypted password...
Moderate
Unreviewed
CVE-2023-40354
was published
Aug 14, 2023
Cleartext storage of sensitive information in Zoom Client SDK for Windows before 5.15.0 may allow...
Moderate
Unreviewed
CVE-2023-39210
was published
Aug 9, 2023
PHPJabbers Class Scheduling System 1.0 lacks encryption on the password when editing a user...
Moderate
Unreviewed
CVE-2023-36136
was published
Aug 8, 2023
In SAP BusinessObjects Business Intelligence - version 420, If a user logs in to a particular...
Moderate
Unreviewed
CVE-2023-39440
was published
Aug 8, 2023
An issue was discovered in Fujitsu Software Infrastructure Manager (ISM) before 2.8.0.061. The...
Moderate
Unreviewed
CVE-2023-39903
was published
Aug 7, 2023
Dell Wyse ThinOS versions prior to 2303 (9.4.1141) contain a sensitive information disclosure...
Moderate
Unreviewed
CVE-2023-32446
was published
Jul 20, 2023
Dell Wyse ThinOS versions prior to 2208 (9.3.2102) contain a sensitive information disclosure...
Moderate
Unreviewed
CVE-2023-32455
was published
Jul 20, 2023
Dell Wyse ThinOS versions prior to 2306 (9.4.2103) contain a sensitive information disclosure...
Moderate
Unreviewed
CVE-2023-32447
was published
Jul 20, 2023
Wyse Management Suite versions prior to 4.0 contain a sensitive information disclosure...
Moderate
Unreviewed
CVE-2023-32483
was published
Jul 20, 2023
A vulnerability was found in Intergard SGS 8.7.0. It has been classified as problematic. This...
Moderate
Unreviewed
CVE-2023-3762
was published
Jul 19, 2023
A vulnerability in the logging component of Cisco Duo Authentication Proxy could allow an...
Moderate
Unreviewed
CVE-2023-20207
was published
Jul 12, 2023
Cleartext Storage on Disk in the SICK ICR890-4 could allow an unauthenticated attacker with...
Moderate
Unreviewed
CVE-2023-35699
was published
Jul 10, 2023
ProTip! Advisories are also available from the GraphQL API