GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
292 advisories
Incorrect Access Control in Tripleplay Platform releases prior to Caveman 3.4.0 allows...
High | Unreviewed | CVE-2023-25760 was published Apr 19, 2023

Aten PE8108 2.4.232 is vulnerable to Incorrect Access Control. Restricted users have read access...
High | Unreviewed | CVE-2023-25407 was published Apr 11, 2023

Aten PE8108 2.4.232 is vulnerable to Incorrect Access Control. The device allows unauthenticated...
High | Unreviewed | CVE-2023-25413 was published Apr 11, 2023

In JetBrains IntelliJ IDEA before 2023.1 the NTLM hash could leak through an API method used in...
High | Unreviewed | CVE-2022-48433 was published Mar 29, 2023

CP Plus KVMS Pro versions 2.01.0.T.190521 and prior are vulnerable to sensitive credentials being...
High | Unreviewed | CVE-2023-1518 was published Mar 28, 2023

Delta Electronics InfraSuite Device Master versions prior to 1.0.5 contain a vulnerability in...
High | Unreviewed | CVE-2023-1137 was published Mar 27, 2023

Plaintext Storage of a Password vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F...
High | Unreviewed | CVE-2023-0457 was published Mar 3, 2023

TIANJIE CPE906-3 is vulnerable to password disclosure. This is present on Software Version WEB5...
High | Unreviewed | CVE-2022-47703 was published Feb 17, 2023

An insufficiently protected credentials in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5,...
High | Unreviewed | CVE-2022-40678 was published Feb 16, 2023

An unspecified endpoint in the web server of the switch does not properly authenticate the user...
High | Unreviewed | CVE-2023-24498 was published Feb 15, 2023

Sunell DVR, latest version, Insufficiently Protected Credentials (CWE-522) may be exposed through...
High | Unreviewed | CVE-2023-23463 was published Feb 15, 2023

Media CP Media Control Panel latest version. Insufficiently protected credential change.
High | Unreviewed | CVE-2023-23466 was published Feb 15, 2023

AMI MegaRAC SPX devices allow Password Disclosure through Redfish. The fixed versions are SPx_12...
High | Unreviewed | CVE-2023-25191 was published Feb 15, 2023

An unauthorized user with network access and the decryption key could decrypt sensitive data,...
High | Unreviewed | CVE-2022-38469 was published Jan 18, 2023

In freeradius, the EAP-PWD function compute_password_element() leaks information about the...
High | Unreviewed | CVE-2022-41859 was published Jan 17, 2023

Under some circumstances an Insufficiently Protected Credentials vulnerability in Johnson...
High | Unreviewed | CVE-2021-36204 was published Jan 13, 2023

Prosys OPC UA Simulation Server version prior to v5.3.0-64 and UA Modbus Server versions 1.4.18-5...
High | Unreviewed | CVE-2022-2967 was published Jan 4, 2023

Some Dahua software products have a vulnerability of unauthenticated request of MQTT credentials....
High | Unreviewed | CVE-2022-45423 was published Dec 27, 2022

Insufficiently protected credentials in software in Intel(R) AMT SDK before version 16.0.4.1,...
High | Unreviewed | CVE-2022-26341 was published Nov 11, 2022

A credential-exposure vulnerability in the support-bundle mechanism in Gradle Enterprise 2022.3...
High | Unreviewed | CVE-2022-41575 was published Oct 21, 2022

On cSRX Series devices software permission issues in the container filesystem and stored files...
High | Unreviewed | CVE-2022-22251 was published Oct 18, 2022

A flaw was found in the RHDM, where sensitive HTML form fields like Password has auto-complete...
High | Unreviewed | CVE-2019-14840 was published Oct 17, 2022

A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2),...
High | Unreviewed | CVE-2022-38465 was published Oct 11, 2022

IBM Robotic Process Automation Clients are vulnerable to proxy credentials being exposed in...
High | Unreviewed | CVE-2022-39168 was published Sep 30, 2022

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated update_all_realm_license API.
High | Unreviewed | CVE-2020-15341 was published Sep 30, 2022
ProTip! Advisories are also available from the GraphQL API.