GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,335
Composer 4,133
Erlang 29
GitHub Actions 19
Go 1,939
Maven 5,134
npm 3,677
NuGet 643
pip 3,295
Pub 11
RubyGems 877
Rust 830
Swift 35

Unreviewed advisories

All unreviewed 230,799

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

335 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability exists in BIG-IP Next CNF and SPK systems that may allow access to undisclosed... Moderate Unreviewed

CVE-2024-23306 was published Feb 14, 2024

IBM CICS TX Standard and Advanced 11.1 could allow a user with physical access to the web browser... Moderate Unreviewed

CVE-2022-34311 was published Feb 12, 2024

IBM DataStage on Cloud Pak for Data 4.0.6 to 4.5.2 stores sensitive credential information that... Moderate Unreviewed

CVE-2022-38714 was published Feb 12, 2024

IBM Storage Defender - Resiliency Service 2.0 stores user credentials in plain clear text which... Moderate Unreviewed

CVE-2024-22312 was published Feb 10, 2024

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product stores... Moderate Unreviewed

CVE-2024-21869 was published Feb 2, 2024

Missing Password Field Masking vulnerability in Hitachi Device Manager on Windows, Linux (Device... Moderate Unreviewed

CVE-2023-49106 was published Jan 16, 2024

A default engineer password set on the Hozard alarm system (Alarmsysteem) v1.0 allows an attacker... Moderate Unreviewed

CVE-2023-50125 was published Jan 11, 2024

An insufficiently protected credentials vulnerability in KEPServerEX could allow an adversary to... Moderate Unreviewed

CVE-2023-29447 was published Jan 10, 2024

In Network Element Manager in NOKIA NFM-T R19.9, an Unprotected Storage of Credentials... Moderate Unreviewed

CVE-2022-39820 was published Dec 25, 2023

IBM i 7.3, 7.4, 7.5, IBM i Db2 Mirror for i 7.4 and 7.5 web browser clients may leave clear-text... Moderate Unreviewed

CVE-2023-47741 was published Dec 18, 2023

A credential disclosure vulnerability in Palo Alto Networks PAN-OS software enables an... Moderate Unreviewed

CVE-2023-6791 was published Dec 13, 2023

IBM API Connect V10.0.5.3 and V10.0.6.0 stores user credentials in browser cache which can be... Moderate Unreviewed

CVE-2023-47722 was published Dec 9, 2023

An Insecure Credential Management issue discovered in Connectize AC21000 G6 641.139.1.1256 allows... Moderate Unreviewed

CVE-2023-24047 was published Dec 5, 2023

Dell DM5500 5.14.0.0, contain a Plain-text Password Storage Vulnerability in PPOE. A local... Moderate Unreviewed

CVE-2023-44300 was published Dec 4, 2023

An exposure of sensitive information to an unauthorized actor [CWE-200] in FortiSIEM version 7.0... Moderate Unreviewed

CVE-2023-41676 was published Nov 14, 2023

The Spotfire Connectors component of TIBCO Software Inc.'s Spotfire Analyst, Spotfire Server, and... Moderate Unreviewed

CVE-2023-26221 was published Nov 8, 2023

An issue was discovered in eGroupWare 17.1.20190111. An Improper Password Storage vulnerability... Moderate Unreviewed

CVE-2023-38328 was published Oct 27, 2023

Incorrect LDAP ACLs in ucs-school-ldap-acls-master in UCS@school before 4.4v5-errata allow remote... Moderate Unreviewed

CVE-2020-17477 was published Oct 26, 2023

Eaton easySoft software is used to program easy controllers and displays for configuring,... Moderate Unreviewed

CVE-2023-43777 was published Oct 17, 2023

SnapGathers versions prior to 4.9 are susceptible to a vulnerability which could allow a local... Moderate Unreviewed

CVE-2023-27315 was published Oct 12, 2023

BigFix Insights/IVR fixlet uses improper credential handling within certain fixlet content. An... Moderate Unreviewed

CVE-2022-44758 was published Oct 11, 2023

Certain credentials within the BigFix Patch Management Download Plug-ins are stored insecurely... Moderate Unreviewed

CVE-2022-42451 was published Oct 11, 2023

An insufficiently protected credentials vulnerability has been reported to affect QVPN Device... Moderate Unreviewed

CVE-2023-23370 was published Oct 6, 2023

** UNSUPPPORTED WHEN ASSIGNED ** The web application stores credentials in clear text in the ... Moderate Unreviewed

CVE-2022-47561 was published Sep 20, 2023

Insecure Permissions vulnerability in Sichuan Tianyi Kanghe Communication Co., Ltd China Telecom... Moderate Unreviewed

CVE-2023-41010 was published Sep 14, 2023

Previous 1 2 3 4 5 … 13 14 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

335 advisories