GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
532 advisories
Filter by severity
Missing Encryption of Security Keys vulnerability in Silicon Labs Ember ZNet SDK on 32 bit, ARM ...
Moderate
Unreviewed
CVE-2023-41096
was published
Oct 26, 2023
Missing Encryption of Security Keys vulnerability in Silicon Labs OpenThread SDK on 32 bit, ARM ...
Critical
Unreviewed
CVE-2023-41095
was published
Oct 26, 2023
Jenkins lambdatest-automation Plugin may expose Credentials access token
Low
CVE-2023-46653
was published
for
org.jenkins-ci.plugins:lambdatest-automation
(Maven)
Oct 25, 2023
Nautobot vulnerable to exposure of hashed user passwords via REST API
High
CVE-2023-46128
was published
for
nautobot
(pip)
Oct 24, 2023
An issue in ZPE Systems, Inc Nodegrid OS v.5.8.10 thru v.5.8.13 and v.5.10.3 thru v.5.10.5 allows...
High
Unreviewed
CVE-2023-44037
was published
Oct 14, 2023
The BIG-IP and BIG-IQ systems do not encrypt some sensitive information written to Database (DB)...
Moderate
Unreviewed
CVE-2023-41964
was published
Oct 10, 2023
Plaintext credential usage vulnerability in Sage 200 Spain 2023.38.001 version, the exploitation...
Critical
Unreviewed
CVE-2023-2809
was published
Oct 4, 2023
A flaw was found in Red Hat's AMQ Broker, which stores certain passwords in a secret security...
Moderate
Unreviewed
CVE-2023-4066
was published
Sep 27, 2023
Sensitive information disclosure due to cleartext storage of sensitive information in memory. The...
Low
Unreviewed
CVE-2023-44153
was published
Sep 27, 2023
Sensitive information disclosure due to cleartext storage of sensitive information. The following...
Moderate
Unreviewed
CVE-2023-44159
was published
Sep 27, 2023
Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.5.0.0 and 9.3.0.4,...
Moderate
Unreviewed
CVE-2023-2358
was published
Sep 27, 2023
matrix-synapse vulnerable to temporary storage of plaintext passwords during password changes
Low
CVE-2023-41335
was published
for
matrix-synapse
(pip)
Sep 26, 2023
A cleartext storage of sensitive information vulnerability [CWE-312] in FortiTester 2.3.0 through...
Moderate
Unreviewed
CVE-2023-40715
was published
Sep 13, 2023
A password management vulnerability in Skyhigh Secure Web Gateway (SWG) in main releases 11.x...
Moderate
Unreviewed
CVE-2023-4400
was published
Sep 13, 2023
An issue was discovered in TSplus Remote Access through 16.0.2.14. Credentials are stored as...
Critical
Unreviewed
CVE-2023-31069
was published
Sep 11, 2023
An information disclosure issue in GitLab EE affecting all versions from 16.2 prior to 16.2.5,...
Low
Unreviewed
CVE-2023-3950
was published
Sep 1, 2023
Brocade
SANnav before v2.3.0 and v2.2.2a stores SNMPv3 Authentication passwords
in plaintext. A...
Moderate
Unreviewed
CVE-2023-31925
was published
Aug 31, 2023
Possible
information exposure through log file vulnerability where sensitive
fields are...
Moderate
Unreviewed
CVE-2023-31423
was published
Aug 31, 2023
The
firmwaredownload command on Brocade Fabric OS v9.2.0 could log the
FTP/SFTP/SCP server...
High
Unreviewed
CVE-2023-3489
was published
Aug 31, 2023
A vulnerability was found in Control iD Gerencia Web 1.30 and classified as problematic. Affected...
Low
Unreviewed
CVE-2023-4392
was published
Aug 17, 2023
An issue was discovered in MariaDB MaxScale before 23.02.3. A user enters an encrypted password...
Moderate
Unreviewed
CVE-2023-40354
was published
Aug 14, 2023
An issue was discovered in SysPasswordDxe in Insyde InsydeH2O with kernel 5.0 through 5.5. System...
High
Unreviewed
CVE-2023-31041
was published
Aug 14, 2023
Cleartext storage of sensitive information in Zoom Client SDK for Windows before 5.15.0 may allow...
Moderate
Unreviewed
CVE-2023-39210
was published
Aug 9, 2023
PHPJabbers Class Scheduling System 1.0 lacks encryption on the password when editing a user...
Moderate
Unreviewed
CVE-2023-36136
was published
Aug 8, 2023
In SAP BusinessObjects Business Intelligence - version 420, If a user logs in to a particular...
Moderate
Unreviewed
CVE-2023-39440
was published
Aug 8, 2023
ProTip!
Advisories are also available from the
GraphQL API