GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,934
Composer 4,780
Erlang 36
GitHub Actions 29
Go 2,344
Maven 5,665
npm 3,973
NuGet 719
pip 3,770
Pub 12
RubyGems 923
Rust 978
Swift 38

Unreviewed advisories

All unreviewed 260,078

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

382 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

An insufficiently protected credentials vulnerability in KEPServerEX could allow an adversary to... Moderate Unreviewed

CVE-2023-29447 was published Jan 10, 2024

In Network Element Manager in NOKIA NFM-T R19.9, an Unprotected Storage of Credentials... Moderate Unreviewed

CVE-2022-39820 was published Dec 25, 2023

IBM i 7.3, 7.4, 7.5, IBM i Db2 Mirror for i 7.4 and 7.5 web browser clients may leave clear-text... Moderate Unreviewed

CVE-2023-47741 was published Dec 18, 2023

A credential disclosure vulnerability in Palo Alto Networks PAN-OS software enables an... Moderate Unreviewed

CVE-2023-6791 was published Dec 13, 2023

IBM API Connect V10.0.5.3 and V10.0.6.0 stores user credentials in browser cache which can be... Moderate Unreviewed

CVE-2023-47722 was published Dec 9, 2023

An Insecure Credential Management issue discovered in Connectize AC21000 G6 641.139.1.1256 allows... Moderate Unreviewed

CVE-2023-24047 was published Dec 5, 2023

Dell DM5500 5.14.0.0, contain a Plain-text Password Storage Vulnerability in PPOE. A local... Moderate Unreviewed

CVE-2023-44300 was published Dec 4, 2023

A vulnerability in Veeam ONE allows an unprivileged user who has access to the Veeam ONE Web... Moderate Unreviewed

CVE-2023-38548 was published Nov 14, 2023

An exposure of sensitive information to an unauthorized actor [CWE-200] in FortiSIEM version 7.0... Moderate Unreviewed

CVE-2023-41676 was published Nov 14, 2023

The Spotfire Connectors component of TIBCO Software Inc.'s Spotfire Analyst, Spotfire Server, and... Moderate Unreviewed

CVE-2023-26221 was published Nov 8, 2023

An issue was discovered in eGroupWare 17.1.20190111. An Improper Password Storage vulnerability... Moderate Unreviewed

CVE-2023-38328 was published Oct 27, 2023

Incorrect LDAP ACLs in ucs-school-ldap-acls-master in UCS@school before 4.4v5-errata allow remote... Moderate Unreviewed

CVE-2020-17477 was published Oct 26, 2023

Eaton easySoft software is used to program easy controllers and displays for configuring,... Moderate Unreviewed

CVE-2023-43777 was published Oct 17, 2023

SnapGathers versions prior to 4.9 are susceptible to a vulnerability which could allow a local... Moderate Unreviewed

CVE-2023-27315 was published Oct 12, 2023

BigFix Insights/IVR fixlet uses improper credential handling within certain fixlet content. An... Moderate Unreviewed

CVE-2022-44758 was published Oct 11, 2023

Certain credentials within the BigFix Patch Management Download Plug-ins are stored insecurely... Moderate Unreviewed

CVE-2022-42451 was published Oct 11, 2023

An insufficiently protected credentials vulnerability has been reported to affect QVPN Device... Moderate Unreviewed

CVE-2023-23370 was published Oct 6, 2023

** UNSUPPPORTED WHEN ASSIGNED ** The web application stores credentials in clear text in the ... Moderate Unreviewed

CVE-2022-47561 was published Sep 20, 2023

Insecure Permissions vulnerability in Sichuan Tianyi Kanghe Communication Co., Ltd China Telecom... Moderate Unreviewed

CVE-2023-41010 was published Sep 14, 2023

IBM Sterling Secure Proxy and IBM Sterling External Authentication Server 6.0.3 and 6.1.0 stores... Moderate Unreviewed

CVE-2023-32338 was published Sep 5, 2023

A pass-back vulnerability exists where an authenticated, remote attacker with administrator... Moderate Unreviewed

CVE-2023-3251 was published Aug 29, 2023

Incorrect access control in Zoho ManageEngine ADManager Plus Build 7180 allows unauthenticated... Moderate Unreviewed

CVE-2023-31492 was published Aug 18, 2023

Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys... Moderate Unreviewed

CVE-2023-4327 was published Aug 15, 2023

Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys... Moderate Unreviewed

CVE-2023-4328 was published Aug 15, 2023

Insufficient policy enforcement in Intents in Google Chrome on Android prior to 109.0.5414.119... Moderate Unreviewed

CVE-2022-4926 was published Jul 29, 2023

Previous 1 2 3 4 5 6 … 15 16 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

382 advisories