GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
461 advisories
Filter by severity
SnapGathers versions prior to 4.9 are susceptible to a vulnerability
which could allow a local...
Moderate
Unreviewed
CVE-2023-27315
was published
Oct 12, 2023
BigFix Insights/IVR fixlet uses improper credential handling within certain fixlet content. An...
Moderate
Unreviewed
CVE-2022-44758
was published
Oct 11, 2023
Certain credentials within the BigFix Patch Management Download Plug-ins are stored insecurely...
Moderate
Unreviewed
CVE-2022-42451
was published
Oct 11, 2023
An insufficiently protected credentials vulnerability has been reported to affect QVPN Device...
Moderate
Unreviewed
CVE-2023-23370
was published
Oct 6, 2023
OpenStack Barbican credential leak flaw
Moderate
CVE-2023-1633
was published
for
barbican
(pip)
Sep 24, 2023
** UNSUPPPORTED WHEN ASSIGNED ** The web application stores credentials in clear text in the ...
Moderate
Unreviewed
CVE-2022-47561
was published
Sep 20, 2023
Insecure Permissions vulnerability in Sichuan Tianyi Kanghe Communication Co., Ltd China Telecom...
Moderate
Unreviewed
CVE-2023-41010
was published
Sep 14, 2023
IBM Sterling Secure Proxy and IBM Sterling External Authentication Server 6.0.3 and 6.1.0 stores...
Moderate
Unreviewed
CVE-2023-32338
was published
Sep 5, 2023
A pass-back vulnerability exists where an authenticated, remote attacker with administrator...
Moderate
Unreviewed
CVE-2023-3251
was published
Aug 29, 2023
Incorrect access control in Zoho ManageEngine ADManager Plus Build 7180 allows unauthenticated...
Moderate
Unreviewed
CVE-2023-31492
was published
Aug 18, 2023
Jenkins Maven Artifact ChoiceListProvider (Nexus) Plugin vulnerable to exposure of system-scoped credentials
Moderate
CVE-2023-40347
was published
for
org.jenkins-ci.plugins:maven-artifact-choicelistprovider
(Maven)
Aug 16, 2023
Jenkins Delphix Plugin vulnerable to exposure of system-scoped credentials
Moderate
CVE-2023-40345
was published
for
org.jenkins-ci.plugins:delphix
(Maven)
Aug 16, 2023
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys...
Moderate
Unreviewed
CVE-2023-4328
was published
Aug 15, 2023
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys...
Moderate
Unreviewed
CVE-2023-4327
was published
Aug 15, 2023
Insufficient policy enforcement in Intents in Google Chrome on Android prior to 109.0.5414.119...
Moderate
Unreviewed
CVE-2022-4926
was published
Jul 29, 2023
Jenkins mabl Plugin vulnerable to exposure of system-scooped credentials
Moderate
CVE-2023-37951
was published
for
com.mabl.integration.jenkins:mabl-integration
(Maven)
Jul 12, 2023
An issue was discovered in Keeper Password Manager for Desktop version 16.10.2, and the...
Moderate
Unreviewed
CVE-2023-36266
was published
Jul 12, 2023
HPE OneView for VMware vCenter, in certain circumstances, may disclose the “HPE OneView” Username...
Moderate
Unreviewed
CVE-2022-37935
was published
Jul 6, 2023
Insufficiently Protected Credentials: An authenticated user with debug privileges can retrieve...
Moderate
Unreviewed
CVE-2022-28291
was published
Jul 6, 2023
An issue was discovered in the C AMQP client library (aka rabbitmq-c) through 0.13.0 for RabbitMQ...
Moderate
Unreviewed
CVE-2023-35789
was published
Jun 16, 2023
GL.iNET GL-AR750S-Ext firmware v3.215 uses an insecure protocol in its communications which...
Moderate
Unreviewed
CVE-2023-33620
was published
Jun 13, 2023
The AES Key-IV pair used by the TP-Link TAPO C200 camera V3 (EU) on firmware version 1.1.22 Build...
Moderate
Unreviewed
CVE-2023-27126
was published
Jun 6, 2023
Avaya IX Workforce Engagement v15.2.7.1195 - CWE-522: Insufficiently Protected Credentials
Moderate
Unreviewed
CVE-2023-31187
was published
May 30, 2023
Pimcore customers' list user password hash is disclosed
Moderate
CVE-2023-2881
was published
for
pimcore/customer-management-framework-bundle
(Composer)
May 25, 2023
Hazelcast vulnerable to unmasked password exposure
Moderate
CVE-2023-33264
was published
for
com.hazelcast:hazelcast
(Maven)
May 22, 2023
ProTip!
Advisories are also available from the
GraphQL API