Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

640 advisories

Loading
Information disclosure vulnerability exists in Pgpool-II 4.4.0 to 4.4.1 (4.4 series), 4.3.0 to 4... Moderate Unreviewed
CVE-2023-22332 was published Jan 30, 2023
On Xerox WorkCentre 3550 25.003.03.000 devices, an authenticated attacker can view the SMB server... Moderate Unreviewed
CVE-2022-45897 was published Jan 31, 2023
Apache Linkis vulnerable to Exposure of Sensitive Information Moderate
CVE-2022-44644 was published for org.apache.linkis:linkis (Maven) Jan 31, 2023
Dell PowerScale OneFS, 9.0.0.x-9.4.0.x, contain a cleartext storage of sensitive information... Moderate Unreviewed
CVE-2022-45098 was published Feb 1, 2023
Dell BIOS contains an information exposure vulnerability. An unauthenticated local attacker with... Moderate Unreviewed
CVE-2022-24410 was published Feb 10, 2023
Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs ... High Unreviewed
CVE-2022-34388 was published Feb 11, 2023
Echelon SmartServer 2.2 with i.LON Vision 2.2 stores cleartext credentials in a file, which could... Critical Unreviewed
CVE-2022-3089 was published Feb 13, 2023
A Cleartext Storage of Sensitive Information vulnerability in suppportutils of SUSE Linux... Moderate Unreviewed
CVE-2022-45154 was published Feb 15, 2023
IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 could allow a remote attacker to obtain sensitive... High Unreviewed
CVE-2022-41734 was published Feb 17, 2023
IBM InfoSphere Information Server 11.7 could allow a local user to obtain sensitive information... Moderate Unreviewed
CVE-2023-24964 was published Feb 17, 2023
IBM QRadar SIEM 7.4 and 7.5 is vulnerable to information exposure allowing a non-tenant user with... High Unreviewed
CVE-2022-34351 was published Feb 17, 2023
MV iDigital Clinic Enterprise (iDCE) 1.0 stores passwords in cleartext. Moderate Unreviewed
CVE-2022-31405 was published Feb 27, 2023
An issue was discovered in the A4N (Aremis 4 Nomad) application 1.5.0 for Android. It uses a... Moderate Unreviewed
CVE-2022-34910 was published Feb 27, 2023
Sme.UP ERP TOKYO V6R1M220406 was discovered to contain an information disclosure vulnerability... High Unreviewed
CVE-2023-26760 was published Feb 27, 2023
An information disclosure vulnerability allows sensitive key material to be included in technical... Moderate Unreviewed
CVE-2022-48310 was published Mar 1, 2023
An exposure of sensitive information to an unauthorized actor [CWE-200] vulnerability in... Low Unreviewed
CVE-2023-23776 was published Mar 7, 2023
A vulnerability exists in ClearPass Policy Manager that allows for an attacker with... Moderate Unreviewed
CVE-2023-25596 was published Mar 22, 2023
A vulnerability in the implementation of the Cisco Network Plug-and-Play (PnP) agent of Cisco DNA... Moderate Unreviewed
CVE-2023-20059 was published Mar 23, 2023
In Stimulsoft Designer (Desktop) 2023.1.5, and 2023.1.4, once an attacker decompiles the... Moderate Unreviewed
CVE-2023-25263 was published Mar 27, 2023
A vulnerability was found in Xunrui CMS 4.61 and classified as problematic. Affected by this... High Unreviewed
CVE-2023-1683 was published Mar 29, 2023
The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure vi... Moderate Unreviewed
CVE-2023-0614 was published Apr 4, 2023
CENTUM series provided by Yokogawa Electric Corporation are vulnerable to cleartext storage of... High Unreviewed
CVE-2023-26593 was published Apr 11, 2023
Jenkins Consul KV Builder Plugin stores HashiCorp Consul ACL Token unencrypted Moderate
CVE-2023-30531 was published for org.jenkins-ci.plugins:consul-kv-builder (Maven) Apr 12, 2023
Jenkins Consul KV Builder Plugin stores HashiCorp Consul ACL Token unencrypted Moderate
CVE-2023-30530 was published for org.jenkins-ci.plugins:consul-kv-builder (Maven) Apr 12, 2023
Jenkins WSO2 Oauth Plugin stores WSO2 Oauth client secret unencrypted in global config.xml file on Jenkins controller Low
CVE-2023-30527 was published for org.jenkins-ci.plugins:wso2id-oauth (Maven) Apr 12, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database