GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
516 advisories
Filter by severity
A vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to...
Moderate
Unreviewed
CVE-2023-0005
was published
Apr 12, 2023
Jenkins WSO2 Oauth Plugin stores WSO2 Oauth client secret unencrypted in global config.xml file on Jenkins controller
Low
CVE-2023-30527
was published
for
org.jenkins-ci.plugins:wso2id-oauth
(Maven)
Apr 12, 2023
Jenkins Consul KV Builder Plugin stores HashiCorp Consul ACL Token unencrypted
Moderate
CVE-2023-30530
was published
for
org.jenkins-ci.plugins:consul-kv-builder
(Maven)
Apr 12, 2023
Jenkins WSO2 Oauth Plugin does not mask the WSO2 Oauth client secret on the global configuration form
Low
CVE-2023-30528
was published
for
org.jenkins-ci.plugins:wso2id-oauth
(Maven)
Apr 12, 2023
Jenkins Report Portal Plugin allows users with Item/Extended Read permission to view tokens on Jenkins controller
Moderate
CVE-2023-30523
was published
for
org.jenkins-ci.plugins:reportportal
(Maven)
Apr 12, 2023
Jenkins Consul KV Builder Plugin stores HashiCorp Consul ACL Token unencrypted
Moderate
CVE-2023-30531
was published
for
org.jenkins-ci.plugins:consul-kv-builder
(Maven)
Apr 12, 2023
CENTUM series provided by Yokogawa Electric Corporation are vulnerable to cleartext storage of...
High
Unreviewed
CVE-2023-26593
was published
Apr 11, 2023
The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure vi...
Moderate
Unreviewed
CVE-2023-0614
was published
Apr 4, 2023
A vulnerability was found in Xunrui CMS 4.61 and classified as problematic. Affected by this...
High
Unreviewed
CVE-2023-1683
was published
Mar 29, 2023
In Stimulsoft Designer (Desktop) 2023.1.5, and 2023.1.4, once an attacker decompiles the...
Moderate
Unreviewed
CVE-2023-25263
was published
Mar 27, 2023
A vulnerability in the implementation of the Cisco Network Plug-and-Play (PnP) agent of Cisco DNA...
Moderate
Unreviewed
CVE-2023-20059
was published
Mar 23, 2023
A vulnerability exists in ClearPass Policy Manager that allows for an attacker with...
Moderate
Unreviewed
CVE-2023-25596
was published
Mar 22, 2023
An exposure of sensitive information to an unauthorized actor [CWE-200] vulnerability in...
Low
Unreviewed
CVE-2023-23776
was published
Mar 7, 2023
An information disclosure vulnerability allows sensitive key material to be included in technical...
Moderate
Unreviewed
CVE-2022-48310
was published
Mar 1, 2023
Sme.UP ERP TOKYO V6R1M220406 was discovered to contain an information disclosure vulnerability...
High
Unreviewed
CVE-2023-26760
was published
Feb 27, 2023
An issue was discovered in the A4N (Aremis 4 Nomad) application 1.5.0 for Android. It uses a...
Moderate
Unreviewed
CVE-2022-34910
was published
Feb 27, 2023
MV iDigital Clinic Enterprise (iDCE) 1.0 stores passwords in cleartext.
Moderate
Unreviewed
CVE-2022-31405
was published
Feb 27, 2023
IBM QRadar SIEM 7.4 and 7.5 is vulnerable to information exposure allowing a non-tenant user with...
High
Unreviewed
CVE-2022-34351
was published
Feb 17, 2023
IBM InfoSphere Information Server 11.7 could allow a local user to obtain sensitive information...
Moderate
Unreviewed
CVE-2023-24964
was published
Feb 17, 2023
IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 could allow a remote attacker to obtain sensitive...
High
Unreviewed
CVE-2022-41734
was published
Feb 17, 2023
A Cleartext Storage of Sensitive Information vulnerability in suppportutils of SUSE Linux...
Moderate
Unreviewed
CVE-2022-45154
was published
Feb 15, 2023
Echelon SmartServer 2.2 with i.LON Vision 2.2 stores cleartext credentials in a file, which could...
Critical
Unreviewed
CVE-2022-3089
was published
Feb 13, 2023
Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs ...
High
Unreviewed
CVE-2022-34388
was published
Feb 11, 2023
Dell BIOS contains an information exposure vulnerability. An unauthenticated local attacker with...
Moderate
Unreviewed
CVE-2022-24410
was published
Feb 10, 2023
Dell PowerScale OneFS, 9.0.0.x-9.4.0.x, contain a cleartext storage of sensitive information...
Moderate
Unreviewed
CVE-2022-45098
was published
Feb 1, 2023
ProTip!
Advisories are also available from the
GraphQL API