GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
532 advisories
Filter by severity
Bitwarden Desktop v1.20.0 and above stores the biometric key in plaintext which allows a local...
High
Unreviewed
CVE-2023-27706
was published
Jun 9, 2023
Plaintext storage of a password exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3....
High
Unreviewed
CVE-2023-28713
was published
Jun 1, 2023
An issue was discovered in Faronics Insight 10.0.19045 on Windows. The Insight Teacher Console...
Moderate
Unreviewed
CVE-2023-28345
was published
May 31, 2023
PowerPath for Windows, versions 7.0, 7.1 & 7.2 contains License Key Stored in Cleartext...
Moderate
Unreviewed
CVE-2023-32448
was published
May 30, 2023
A vulnerability has been found in Simple Design Daily Journal 1.012.GP.B on Android and...
Low
Unreviewed
CVE-2023-2863
was published
May 24, 2023
IBM InfoSphere Information Server 11.7 stores user credentials in plain clear text which can be...
Moderate
Unreviewed
CVE-2023-22878
was published
May 19, 2023
Jenkins Ansible Plugin job configuration form does not mask variables
Moderate
CVE-2023-32983
was published
for
org.jenkins-ci.plugins:ansible
(Maven)
May 16, 2023
In onSetRuntimePermissionGrantStateByDeviceAdmin of AdminRestrictedPermissionsUtils.java, there...
Moderate
Unreviewed
CVE-2023-20914
was published
May 16, 2023
Cleartext storage of sensitive information exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0...
Moderate
Unreviewed
CVE-2023-24586
was published
May 10, 2023
Data written to GitHub Actions Cache may expose secrets
High
CVE-2023-30853
was published
for
gradle/gradle-build-action
(GitHub Actions)
May 1, 2023
Lightbend Alpakka Kafka logs credentials on debug level
Moderate
CVE-2023-29471
was published
for
com.typesafe.akka:akka-stream-kafka
(Maven)
Apr 27, 2023
Plaintext Password in Registry
vulnerability in 42gears surelock windows surelockwinsetupv2.40...
High
Unreviewed
CVE-2023-2335
was published
Apr 27, 2023
Ribose RNP before 0.16.3 sometimes lets secret keys remain unlocked after use.
High
Unreviewed
CVE-2023-29480
was published
Apr 24, 2023
EnterpriseDB EDB Postgres Advanced Server (EPAS) before 14.6.0 logs unredacted passwords in...
High
Unreviewed
CVE-2023-31043
was published
Apr 23, 2023
Strapi leaking sensitive user information by filtering on private fields
High
CVE-2023-22894
was published
for
@strapi/strapi
(npm)
Apr 19, 2023
An issue was discovered in TigerGraph Enterprise Free Edition 3.x. There is logging of user...
Moderate
Unreviewed
CVE-2023-22949
was published
Apr 14, 2023
A vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to...
Moderate
Unreviewed
CVE-2023-0005
was published
Apr 12, 2023
Jenkins WSO2 Oauth Plugin does not mask the WSO2 Oauth client secret on the global configuration form
Low
CVE-2023-30528
was published
for
org.jenkins-ci.plugins:wso2id-oauth
(Maven)
Apr 12, 2023
Jenkins WSO2 Oauth Plugin stores WSO2 Oauth client secret unencrypted in global config.xml file on Jenkins controller
Low
CVE-2023-30527
was published
for
org.jenkins-ci.plugins:wso2id-oauth
(Maven)
Apr 12, 2023
Jenkins Report Portal Plugin allows users with Item/Extended Read permission to view tokens on Jenkins controller
Moderate
CVE-2023-30523
was published
for
org.jenkins-ci.plugins:reportportal
(Maven)
Apr 12, 2023
Jenkins Consul KV Builder Plugin stores HashiCorp Consul ACL Token unencrypted
Moderate
CVE-2023-30530
was published
for
org.jenkins-ci.plugins:consul-kv-builder
(Maven)
Apr 12, 2023
Jenkins Consul KV Builder Plugin stores HashiCorp Consul ACL Token unencrypted
Moderate
CVE-2023-30531
was published
for
org.jenkins-ci.plugins:consul-kv-builder
(Maven)
Apr 12, 2023
CENTUM series provided by Yokogawa Electric Corporation are vulnerable to cleartext storage of...
High
Unreviewed
CVE-2023-26593
was published
Apr 11, 2023
The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure vi...
Moderate
Unreviewed
CVE-2023-0614
was published
Apr 4, 2023
A vulnerability was found in Xunrui CMS 4.61 and classified as problematic. Affected by this...
High
Unreviewed
CVE-2023-1683
was published
Mar 29, 2023
ProTip!
Advisories are also available from the
GraphQL API