GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
296 advisories
A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints the Brocade SANnav password in...
Moderate | Unreviewed | CVE-2024-29956 was published Apr 18, 2024

A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a could allow an authenticated user to...
Moderate | Unreviewed | CVE-2024-29952 was published Apr 18, 2024

An issue in Shenzen Tenda Technology CP3V2.0 V11.10.00.2311090948 allows a local attacker to...
Moderate | Unreviewed | CVE-2024-24488 was published Feb 7, 2024

IBM Security Access Manager Container 10.0.0.0 through 10.0.6.1 temporarily stores sensitive...
Moderate | Unreviewed | CVE-2023-31002 was published Feb 7, 2024

Allegro AI ClearML Stores Credentials in Plaintext in MongoDB Instance
Moderate | CVE-2024-24595 was published for clearml (pip) Feb 6, 2024

Apache Airflow CNCF Kubernetes provider, Apache Airflow: Kubernetes configuration file saved without encryption in the Metadata and logged as plain text in the Triggerer service
Moderate | CVE-2023-51702 was published for apache-airflow (pip) Jan 24, 2024

The App Settings (/admin/app) page in GROWI versions prior to v6.0.6 stores sensitive information...
Moderate | Unreviewed | CVE-2023-50294 was published Dec 26, 2023

Displayed in plain text by Dingding JSON Pusher Plugin
Moderate | CVE-2023-50773 was published for com.zintow:dingding-json-pusher (Maven) Dec 13, 2023

Password stored in a recoverable format by Jenkins OpenId Connect Authentication Plugin
Moderate | CVE-2023-50770 was published for org.jenkins-ci.plugins:oic-auth (Maven) Dec 13, 2023

Tokens stored in plain text by PaaSLane Estimate Plugin
Moderate | CVE-2023-50776 was published for com.cloudtp.jenkins:paaslane-estimate (Maven) Dec 13, 2023

Tokens stored in plain text by Dingding JSON Pusher Plugin
Moderate | CVE-2023-50772 was published for com.zintow:dingding-json-pusher (Maven) Dec 13, 2023

Tokens stored in plain text by PaaSLane Estimate Plugin
Moderate | CVE-2023-50777 was published for com.cloudtp.jenkins:paaslane-estimate (Maven) Dec 13, 2023

A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) (All versions < V19). An...
Moderate | Unreviewed | CVE-2022-46141 was published Dec 12, 2023

A LogoFAIL issue was discovered in BmpDecoderDxe in Insyde InsydeH2O with kernel 5.2 before 05.28...
Moderate | Unreviewed | CVE-2023-40238 was published Dec 7, 2023

Cleartext Storage of Sensitive Information in HMAC SHA256 Authentication
Moderate | CVE-2023-48707 was published for codeigniter4/shield (Composer) Nov 23, 2023

Headwind MDM Web panel 5.22.1 is vulnerable to Incorrect Access Control due to Login Credential...
Moderate | Unreviewed | CVE-2023-47312 was published Nov 22, 2023

Missing Encryption of Security Keys vulnerability in Silicon Labs Ember ZNet SDK on 32 bit, ARM ...
Moderate | Unreviewed | CVE-2023-41096 was published Oct 26, 2023

The BIG-IP and BIG-IQ systems do not encrypt some sensitive information written to Database (DB)...
Moderate | Unreviewed | CVE-2023-41964 was published Oct 10, 2023

A flaw was found in Red Hat's AMQ Broker, which stores certain passwords in a secret security...
Moderate | Unreviewed | CVE-2023-4066 was published Sep 27, 2023

Sensitive information disclosure due to cleartext storage of sensitive information. The following...
Moderate | Unreviewed | CVE-2023-44159 was published Sep 27, 2023

Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.5.0.0 and 9.3.0.4,...
Moderate | Unreviewed | CVE-2023-2358 was published Sep 27, 2023

A cleartext storage of sensitive information vulnerability [CWE-312] in FortiTester 2.3.0 through...
Moderate | Unreviewed | CVE-2023-40715 was published Sep 13, 2023

A password management vulnerability in Skyhigh Secure Web Gateway (SWG) in main releases 11.x...
Moderate | Unreviewed | CVE-2023-4400 was published Sep 13, 2023

Possible information exposure through log file vulnerability where sensitive fields are...
Moderate | Unreviewed | CVE-2023-31423 was published Aug 31, 2023

Brocade SANnav before v2.3.0 and v2.2.2a stores SNMPv3 Authentication passwords in plaintext. A...
Moderate | Unreviewed | CVE-2023-31925 was published Aug 31, 2023
ProTip! Advisories are also available from the GraphQL API