GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
461 advisories
SnapGathers versions prior to 4.9 are susceptible to a vulnerability which could allow a local...
Moderate | Unreviewed | CVE-2023-27315 was published Oct 12, 2023
BigFix Insights/IVR fixlet uses improper credential handling within certain fixlet content. An...
Moderate | Unreviewed | CVE-2022-44758 was published Oct 11, 2023
Certain credentials within the BigFix Patch Management Download Plug-ins are stored insecurely...
Moderate | Unreviewed | CVE-2022-42451 was published Oct 11, 2023
An insufficiently protected credentials vulnerability has been reported to affect QVPN Device...
Moderate | Unreviewed | CVE-2023-23370 was published Oct 6, 2023
OpenStack Barbican credential leak flaw
Moderate | CVE-2023-1633 was published for barbican (pip) Sep 24, 2023
** UNSUPPORTED WHEN ASSIGNED ** The web application stores credentials in clear text in the ...
Moderate | Unreviewed | CVE-2022-47561 was published Sep 20, 2023
Insecure Permissions vulnerability in Sichuan Tianyi Kanghe Communication Co., Ltd China Telecom...
Moderate | Unreviewed | CVE-2023-41010 was published Sep 14, 2023
IBM Sterling Secure Proxy and IBM Sterling External Authentication Server 6.0.3 and 6.1.0 stores...
Moderate | Unreviewed | CVE-2023-32338 was published Sep 5, 2023
A pass-back vulnerability exists where an authenticated, remote attacker with administrator...
Moderate | Unreviewed | CVE-2023-3251 was published Aug 29, 2023
Incorrect access control in Zoho ManageEngine ADManager Plus Build 7180 allows unauthenticated...
Moderate | Unreviewed | CVE-2023-31492 was published Aug 18, 2023
Jenkins Delphix Plugin vulnerable to exposure of system-scoped credentials
Moderate | CVE-2023-40345 was published for org.jenkins-ci.plugins:delphix (Maven) Aug 16, 2023
Jenkins Maven Artifact ChoiceListProvider (Nexus) Plugin vulnerable to exposure of system-scoped credentials
Moderate | CVE-2023-40347 was published for org.jenkins-ci.plugins:maven-artifact-choicelistprovider (Maven) Aug 16, 2023
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys...
Moderate | Unreviewed | CVE-2023-4328 was published Aug 15, 2023
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys...
Moderate | Unreviewed | CVE-2023-4327 was published Aug 15, 2023
Insufficient policy enforcement in Intents in Google Chrome on Android prior to 109.0.5414.119...
Moderate | Unreviewed | CVE-2022-4926 was published Jul 29, 2023
Jenkins mabl Plugin vulnerable to exposure of system-scoped credentials
Moderate | CVE-2023-37951 was published for com.mabl.integration.jenkins:mabl-integration (Maven) Jul 12, 2023
An issue was discovered in Keeper Password Manager for Desktop version 16.10.2, and the...
Moderate | Unreviewed | CVE-2023-36266 was published Jul 12, 2023
HPE OneView for VMware vCenter, in certain circumstances, may disclose the “HPE OneView” Username...
Moderate | Unreviewed | CVE-2022-37935 was published Jul 6, 2023
Insufficiently Protected Credentials: An authenticated user with debug privileges can retrieve...
Moderate | Unreviewed | CVE-2022-28291 was published Jul 6, 2023
An issue was discovered in the C AMQP client library (aka rabbitmq-c) through 0.13.0 for RabbitMQ...
Moderate | Unreviewed | CVE-2023-35789 was published Jun 16, 2023
GL.iNET GL-AR750S-Ext firmware v3.215 uses an insecure protocol in its communications which...
Moderate | Unreviewed | CVE-2023-33620 was published Jun 13, 2023
The AES Key-IV pair used by the TP-Link TAPO C200 camera V3 (EU) on firmware version 1.1.22 Build...
Moderate | Unreviewed | CVE-2023-27126 was published Jun 6, 2023
Avaya IX Workforce Engagement v15.2.7.1195 - CWE-522: Insufficiently Protected Credentials
Moderate | Unreviewed | CVE-2023-31187 was published May 30, 2023
Pimcore customers' list user password hash is disclosed
Moderate | CVE-2023-2881 was published for pimcore/customer-management-framework-bundle (Composer) May 25, 2023
Hazelcast vulnerable to unmasked password exposure
Moderate | CVE-2023-33264 was published for com.hazelcast:hazelcast (Maven) May 22, 2023