GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,003
Maven
5,000+
npm
3,714
NuGet
661
pip
3,387
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,050 advisories
Filter by severity
An Information disclosure vulnerability in /be/rpc.php in Jedox GmbH Jedox 2020.2.5 allow remote,...
Moderate
Unreviewed
CVE-2022-47880
was published
May 12, 2023
PostgresNIO processes unencrypted bytes from man-in-the-middle
Low
CVE-2023-31136
was published
for
github.com/vapor/postgres-nio
(Swift)
May 10, 2023
Insufficiently protected credentials in the Intel(R) DCM software before version 5.0.1 may allow...
Moderate
Unreviewed
CVE-2022-40685
was published
May 10, 2023
SAP BusinessObjects Platform - versions 420, 430, Information design tool transmits sensitive...
Moderate
Unreviewed
CVE-2023-28764
was published
May 9, 2023
Milesight NCR/camera version 71.8.0.6-r5 exposes credentials through an unspecified request.
...
High
Unreviewed
CVE-2023-24506
was published
May 8, 2023
An insufficiently protected credentials vulnerability [CWE-522] in FortiNAC-F 7.2.0, FortiNAC 9.4...
Moderate
Unreviewed
CVE-2022-45859
was published
May 4, 2023
A valid, authenticated administrative user can query a web interface API to reveal the configured...
Moderate
Unreviewed
CVE-2023-25495
was published
Apr 29, 2023
Plaintext Password in Registry
vulnerability in 42gears surelock windows surelockwinsetupv2.40...
High
Unreviewed
CVE-2023-2335
was published
Apr 27, 2023
Potential leak of authentication data to 3rd parties
Critical
CVE-2023-30846
was published
for
typed-rest-client
(npm)
Apr 27, 2023
This vulnerability exists in GajShield Data Security Firewall firmware versions prior to v4.28 ...
Critical
Unreviewed
CVE-2023-1778
was published
Apr 27, 2023
Sangoma FreePBX 1805 through 2302 (when obtained as a ,.ISO file) places AMPDBUSER, AMPDBPASS,...
High
Unreviewed
CVE-2023-26567
was published
Apr 26, 2023
HPE OneView and HPE OneView Global Dashboard appliance dumps may expose authentication tokens
Moderate
Unreviewed
CVE-2023-28084
was published
Apr 25, 2023
An HPE OneView appliance dump may expose SAN switch administrative credentials
High
Unreviewed
CVE-2023-28088
was published
Apr 25, 2023
An HPE OneView appliance dump may expose SNMPv3 read credentials
Moderate
Unreviewed
CVE-2023-28090
was published
Apr 25, 2023
An HPE OneView appliance dump may expose FTP credentials for c7000 Interconnect Modules
High
Unreviewed
CVE-2023-28089
was published
Apr 25, 2023
A vulnerability in the expo.io framework allows an attacker to take over accounts and steal...
Critical
Unreviewed
CVE-2023-28131
was published
Apr 24, 2023
Ribose RNP before 0.15.1 does not implement a required step in a cryptographic algorithm,...
High
Unreviewed
CVE-2021-33589
was published
Apr 21, 2023
Plaintext Storage of a Password vulnerability in Secomea GateManager (USB wizard) allows...
High
Unreviewed
CVE-2022-4308
was published
Apr 19, 2023
Incorrect Access Control in Tripleplay Platform releases prior to Caveman 3.4.0 allows...
High
Unreviewed
CVE-2023-25760
was published
Apr 19, 2023
Aten PE8108 2.4.232 is vulnerable to Incorrect Access Control. Restricted users have read access...
High
Unreviewed
CVE-2023-25407
was published
Apr 11, 2023
Aten PE8108 2.4.232 is vulnerable to Incorrect Access Control. The device allows unauthenticated...
High
Unreviewed
CVE-2023-25413
was published
Apr 11, 2023
Information disclosure in the user creation feature of a MSSQL data source in Devolutions Remote...
Moderate
Unreviewed
CVE-2023-1574
was published
Apr 2, 2023
In JetBrains IntelliJ IDEA before 2023.1 the NTLM hash could leak through an API method used in...
High
Unreviewed
CVE-2022-48433
was published
Mar 29, 2023
CP Plus KVMS Pro versions 2.01.0.T.190521 and prior are vulnerable to sensitive credentials being...
High
Unreviewed
CVE-2023-1518
was published
Mar 28, 2023
Delta Electronics InfraSuite Device Master versions prior to 1.0.5 contain a vulnerability in...
High
Unreviewed
CVE-2023-1137
was published
Mar 27, 2023
ProTip!
Advisories are also available from the
GraphQL API