GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,350
Composer 4,134
Erlang 29
GitHub Actions 19
Go 1,941
Maven 5,135
npm 3,681
NuGet 650
pip 3,298
Pub 11
RubyGems 877
Rust 830
Swift 35

Unreviewed advisories

All unreviewed 231,415

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

516 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to... Moderate Unreviewed

CVE-2023-0005 was published Apr 12, 2023

Jenkins WSO2 Oauth Plugin stores WSO2 Oauth client secret unencrypted in global config.xml file on Jenkins controller Low

CVE-2023-30527 was published for org.jenkins-ci.plugins:wso2id-oauth (Maven) Apr 12, 2023

Jenkins Consul KV Builder Plugin stores HashiCorp Consul ACL Token unencrypted Moderate

CVE-2023-30530 was published for org.jenkins-ci.plugins:consul-kv-builder (Maven) Apr 12, 2023

Jenkins WSO2 Oauth Plugin does not mask the WSO2 Oauth client secret on the global configuration form Low

CVE-2023-30528 was published for org.jenkins-ci.plugins:wso2id-oauth (Maven) Apr 12, 2023

Jenkins Report Portal Plugin allows users with Item/Extended Read permission to view tokens on Jenkins controller Moderate

CVE-2023-30523 was published for org.jenkins-ci.plugins:reportportal (Maven) Apr 12, 2023

Jenkins Consul KV Builder Plugin stores HashiCorp Consul ACL Token unencrypted Moderate

CVE-2023-30531 was published for org.jenkins-ci.plugins:consul-kv-builder (Maven) Apr 12, 2023

CENTUM series provided by Yokogawa Electric Corporation are vulnerable to cleartext storage of... High Unreviewed

CVE-2023-26593 was published Apr 11, 2023

The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure vi... Moderate Unreviewed

CVE-2023-0614 was published Apr 4, 2023

A vulnerability was found in Xunrui CMS 4.61 and classified as problematic. Affected by this... High Unreviewed

CVE-2023-1683 was published Mar 29, 2023

In Stimulsoft Designer (Desktop) 2023.1.5, and 2023.1.4, once an attacker decompiles the... Moderate Unreviewed

CVE-2023-25263 was published Mar 27, 2023

A vulnerability in the implementation of the Cisco Network Plug-and-Play (PnP) agent of Cisco DNA... Moderate Unreviewed

CVE-2023-20059 was published Mar 23, 2023

A vulnerability exists in ClearPass Policy Manager that allows for an attacker with... Moderate Unreviewed

CVE-2023-25596 was published Mar 22, 2023

An exposure of sensitive information to an unauthorized actor [CWE-200] vulnerability in... Low Unreviewed

CVE-2023-23776 was published Mar 7, 2023

An information disclosure vulnerability allows sensitive key material to be included in technical... Moderate Unreviewed

CVE-2022-48310 was published Mar 1, 2023

Sme.UP ERP TOKYO V6R1M220406 was discovered to contain an information disclosure vulnerability... High Unreviewed

CVE-2023-26760 was published Feb 27, 2023

An issue was discovered in the A4N (Aremis 4 Nomad) application 1.5.0 for Android. It uses a... Moderate Unreviewed

CVE-2022-34910 was published Feb 27, 2023

MV iDigital Clinic Enterprise (iDCE) 1.0 stores passwords in cleartext. Moderate Unreviewed

CVE-2022-31405 was published Feb 27, 2023

IBM QRadar SIEM 7.4 and 7.5 is vulnerable to information exposure allowing a non-tenant user with... High Unreviewed

CVE-2022-34351 was published Feb 17, 2023

IBM InfoSphere Information Server 11.7 could allow a local user to obtain sensitive information... Moderate Unreviewed

CVE-2023-24964 was published Feb 17, 2023

IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 could allow a remote attacker to obtain sensitive... High Unreviewed

CVE-2022-41734 was published Feb 17, 2023

A Cleartext Storage of Sensitive Information vulnerability in suppportutils of SUSE Linux... Moderate Unreviewed

CVE-2022-45154 was published Feb 15, 2023

Echelon SmartServer 2.2 with i.LON Vision 2.2 stores cleartext credentials in a file, which could... Critical Unreviewed

CVE-2022-3089 was published Feb 13, 2023

Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs ... High Unreviewed

CVE-2022-34388 was published Feb 11, 2023

Dell BIOS contains an information exposure vulnerability. An unauthenticated local attacker with... Moderate Unreviewed

CVE-2022-24410 was published Feb 10, 2023

Dell PowerScale OneFS, 9.0.0.x-9.4.0.x, contain a cleartext storage of sensitive information... Moderate Unreviewed

CVE-2022-45098 was published Feb 1, 2023

Previous 1 2 … 5 6 7 8 9 … 20 21 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

516 advisories