GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
296 advisories
Filter by severity
Jenkins Consul KV Builder Plugin stores HashiCorp Consul ACL Token unencrypted
Moderate
CVE-2023-30530
was published
for
org.jenkins-ci.plugins:consul-kv-builder
(Maven)
Apr 12, 2023
Jenkins Consul KV Builder Plugin stores HashiCorp Consul ACL Token unencrypted
Moderate
CVE-2023-30531
was published
for
org.jenkins-ci.plugins:consul-kv-builder
(Maven)
Apr 12, 2023
The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure vi...
Moderate
Unreviewed
CVE-2023-0614
was published
Apr 4, 2023
In Stimulsoft Designer (Desktop) 2023.1.5, and 2023.1.4, once an attacker decompiles the...
Moderate
Unreviewed
CVE-2023-25263
was published
Mar 27, 2023
A vulnerability in the implementation of the Cisco Network Plug-and-Play (PnP) agent of Cisco DNA...
Moderate
Unreviewed
CVE-2023-20059
was published
Mar 23, 2023
A vulnerability exists in ClearPass Policy Manager that allows for an attacker with...
Moderate
Unreviewed
CVE-2023-25596
was published
Mar 22, 2023
An information disclosure vulnerability allows sensitive key material to be included in technical...
Moderate
Unreviewed
CVE-2022-48310
was published
Mar 1, 2023
An issue was discovered in the A4N (Aremis 4 Nomad) application 1.5.0 for Android. It uses a...
Moderate
Unreviewed
CVE-2022-34910
was published
Feb 27, 2023
MV iDigital Clinic Enterprise (iDCE) 1.0 stores passwords in cleartext.
Moderate
Unreviewed
CVE-2022-31405
was published
Feb 27, 2023
IBM InfoSphere Information Server 11.7 could allow a local user to obtain sensitive information...
Moderate
Unreviewed
CVE-2023-24964
was published
Feb 17, 2023
A Cleartext Storage of Sensitive Information vulnerability in suppportutils of SUSE Linux...
Moderate
Unreviewed
CVE-2022-45154
was published
Feb 15, 2023
Dell BIOS contains an information exposure vulnerability. An unauthenticated local attacker with...
Moderate
Unreviewed
CVE-2022-24410
was published
Feb 10, 2023
Dell PowerScale OneFS, 9.0.0.x-9.4.0.x, contain a cleartext storage of sensitive information...
Moderate
Unreviewed
CVE-2022-45098
was published
Feb 1, 2023
Apache Linkis vulnerable to Exposure of Sensitive Information
Moderate
CVE-2022-44644
was published
for
org.apache.linkis:linkis
(Maven)
Jan 31, 2023
On Xerox WorkCentre 3550 25.003.03.000 devices, an authenticated attacker can view the SMB server...
Moderate
Unreviewed
CVE-2022-45897
was published
Jan 31, 2023
Information disclosure vulnerability exists in Pgpool-II 4.4.0 to 4.4.1 (4.4 series), 4.3.0 to 4...
Moderate
Unreviewed
CVE-2023-22332
was published
Jan 30, 2023
Plaintext Storage of a Password in Jenkins TestQuality Updater Plugin
Moderate
CVE-2023-24454
was published
for
org.jenkins-ci.plugins:testquality-updater
(Maven)
Jan 26, 2023
Plaintext storage of Access Token in Jenkins GitHub Pull Request Coverage Status Plugin
Moderate
CVE-2023-24442
was published
for
org.jenkins-ci.plugins:github-pr-coverage-status
(Maven)
Jan 26, 2023
Plaintext Storage of a Password in Jenkins JIRA Pipeline Steps Plugin
Moderate
CVE-2023-24439
was published
for
org.jenkins-ci.plugins:jira-steps
(Maven)
Jan 26, 2023
Passwords stored in plain text by Jenkins view-cloner Plugin
Moderate
CVE-2023-24450
was published
for
org.jenkins-ci.plugins:view-cloner
(Maven)
Jan 26, 2023
** DISPUTED ** KeePass through 2.53 (in a default installation) allows an attacker, who has write...
Moderate
Unreviewed
CVE-2023-24055
was published
Jan 22, 2023
A pair of spare WiFi credentials is stored in the configuration file of the Zyxel AX7501-B0...
Moderate
Unreviewed
CVE-2022-45439
was published
Jan 17, 2023
NVIDIA BMC stores user passwords in an obfuscated form in a database accessible by the host. This...
Moderate
Unreviewed
CVE-2022-42284
was published
Jan 13, 2023
IBM Security Verify Governance 10.0 stores user credentials in plain clear text which can be read...
Moderate
Unreviewed
CVE-2022-22470
was published
Jan 9, 2023
Apache James MIME4J vulnerable to information disclosure to local users
Moderate
CVE-2022-45787
was published
for
org.apache.james:apache-mime4j-storage
(Maven)
Jan 6, 2023
ProTip!
Advisories are also available from the
GraphQL API