Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

21 advisories

Loading
The OpenAI ChatGPT app before 2024-07-05 for macOS opts out of the sandbox, and stores... Low Unreviewed
CVE-2024-40594 was published Jul 6, 2024
An issue was discovered in Teledyne FLIR M300 2.00-19. User account passwords are encrypted... Low Unreviewed
CVE-2023-46294 was published May 1, 2024
The W3 Total Cache plugin for WordPress is vulnerable to Sensitive Information Exposure in... Low Unreviewed
CVE-2023-5359 was published Sep 25, 2024
IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information... Low Unreviewed
CVE-2023-37396 was published Apr 19, 2024
A vulnerability exists in the FOXMAN-UN/UNEM in which sensitive information is stored in... Low Unreviewed
CVE-2024-28024 was published Jun 11, 2024
A vulnerability classified as problematic was found in Netgear DG834Gv5 1.6.01.34. This... Low Unreviewed
CVE-2024-4235 was published Apr 26, 2024
An information disclosure issue in GitLab EE affecting all versions from 16.2 prior to 16.2.5,... Low Unreviewed
CVE-2023-3950 was published Sep 1, 2023
A clear text storage of sensitive information (CWE-312) vulnerability in both FortiGate version 6... Low Unreviewed
CVE-2022-22302 was published Jul 11, 2023
phpMyAdmin before 2.11.5.1 stores the MySQL (1) username and (2) password, and the (3) Blowfish... Low Unreviewed
CVE-2008-1567 was published May 1, 2022
Capturix ScanShare 1.06 build 50 stores sensitive information such as the password in cleartext... Low Unreviewed
CVE-2005-2209 was published May 1, 2022
Microsoft Outlook plug-in PGP version 7.0, 7.0.3, and 7.0.4 silently saves a decrypted copy of a... Low Unreviewed
CVE-2002-1696 was published Apr 30, 2022
A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR... Low Unreviewed
CVE-2019-19291 was published May 24, 2022
Sensitive information disclosure due to cleartext storage of sensitive information in memory. The... Low Unreviewed
CVE-2023-44153 was published Sep 27, 2023
A vulnerability was found in Control iD Gerencia Web 1.30 and classified as problematic. Affected... Low Unreviewed
CVE-2023-4392 was published Aug 17, 2023
A vulnerability has been found in Simple Design Daily Journal 1.012.GP.B on Android and... Low Unreviewed
CVE-2023-2863 was published May 24, 2023
An exposure of sensitive information to an unauthorized actor [CWE-200] vulnerability in... Low Unreviewed
CVE-2023-23776 was published Mar 7, 2023
IBM Security Key Lifecycle Manager 3.0 and 3.0.1 stores user credentials in plain in clear text... Low Unreviewed
CVE-2019-4566 was published May 24, 2022
Brocade SANnav before version SANnav 2.2.0 logs the REST API Authentication token in plain text. Low Unreviewed
CVE-2022-28162 was published May 10, 2022
An issue was discovered on Nescomed Multipara Monitor M1000 devices. The onboard Flash memory... Low Unreviewed
CVE-2020-15485 was published May 24, 2022
A CWE-316: Cleartext Storage of Sensitive Information in Memory vulnerability exists in Easergy... Low Unreviewed
CVE-2020-7516 was published May 24, 2022
BIOTRONIK CardioMessenger II, The affected products do not encrypt sensitive information while at... Low Unreviewed
CVE-2019-18254 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database