GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
354 advisories
In JetBrains TeamCity before 2024.03.3 private key could be exposed via testing GitHub App...
Moderate | Unreviewed | CVE-2024-39878 was published Jul 1, 2024

In JetBrains YouTrack before 2024.2.34646 user access token was sent to the third-party site
Moderate | Unreviewed | CVE-2024-38505 was published Jun 18, 2024

IBM Jazz Reporting Service 7.0.3 stores user credentials in plain clear text which can be read by...
Moderate | Unreviewed | CVE-2024-25052 was published Jun 13, 2024

An issue was discovered in Kape CyberGhostVPN 8.4.3.12823 on Windows. After a successful logout,...
Moderate | Unreviewed | CVE-2024-26330 was published Jun 11, 2024

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ...
Moderate | Unreviewed | CVE-2024-35208 was published Jun 11, 2024

An attacker could potentially intercept credentials via the task manager and perform unauthorized...
Moderate | Unreviewed | CVE-2024-23583 was published May 18, 2024

A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All...
Moderate | Unreviewed | CVE-2024-33496 was published May 14, 2024

A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All...
Moderate | Unreviewed | CVE-2024-33497 was published May 14, 2024

IBM TXSeries for Multiplatforms 8.2 transmits or stores authentication credentials, but it uses...
Moderate | Unreviewed | CVE-2024-22345 was published May 14, 2024

VMware Avi Load Balancer contains an information disclosure vulnerability. A malicious actor...
Moderate | Unreviewed | CVE-2024-22266 was published May 8, 2024

Database scanning using username and password stores the credentials in plaintext or encoded...
Moderate | Unreviewed | CVE-2024-23551 was published May 8, 2024

System->Maintenance-> Log Files in dotCMS dashboard is providing the username/password for...
Moderate | Unreviewed | CVE-2024-3165 was published Apr 2, 2024

IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 transmits or stores authentication...
Moderate | Unreviewed | CVE-2023-50311 was published Mar 31, 2024

Exposed IOCTL with insufficient access control issue exists in cg6kwin2k.sys prior to 2.1.7.0. By...
Moderate | Unreviewed | CVE-2024-29216 was published Mar 25, 2024

IBM Host Access Transformation Services (HATS) 9.6 through 9.6.1.4 and 9.7 through 9.7.0.3 stores...
Moderate | Unreviewed | CVE-2021-38938 was published Mar 15, 2024

An issue was discovered in Couchbase Server before 7.2.4. ns_server admin credentials are leaked...
Moderate | Unreviewed | CVE-2023-50436 was published Feb 29, 2024

The database access credentials configured during installation are stored in a special table, and...
Moderate | Unreviewed | CVE-2023-4538 was published Feb 15, 2024

A vulnerability exists in BIG-IP Next CNF and SPK systems that may allow access to undisclosed...
Moderate | Unreviewed | CVE-2024-23306 was published Feb 14, 2024

IBM CICS TX Standard and Advanced 11.1 could allow a user with physical access to the web browser...
Moderate | Unreviewed | CVE-2022-34311 was published Feb 12, 2024

IBM DataStage on Cloud Pak for Data 4.0.6 to 4.5.2 stores sensitive credential information that...
Moderate | Unreviewed | CVE-2022-38714 was published Feb 12, 2024

IBM Storage Defender - Resiliency Service 2.0 stores user credentials in plain clear text which...
Moderate | Unreviewed | CVE-2024-22312 was published Feb 10, 2024

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product stores...
Moderate | Unreviewed | CVE-2024-21869 was published Feb 2, 2024

HPE OneView may have a missing passphrase during restore.
Moderate | Unreviewed | CVE-2023-6573 was published Jan 23, 2024

Missing Password Field Masking vulnerability in Hitachi Device Manager on Windows, Linux (Device...
Moderate | Unreviewed | CVE-2023-49106 was published Jan 16, 2024

A default engineer password set on the Hozard alarm system (Alarmsysteem) v1.0 allows an attacker...
Moderate | Unreviewed | CVE-2023-50125 was published Jan 11, 2024
ProTip! Advisories are also available from the GraphQL API.