Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

537 advisories

Loading
The BestWebSoft's Like & Share WordPress plugin before 2.74 discloses the content of password... High Unreviewed
CVE-2023-6250 was published Dec 26, 2023
The App Settings (/admin/app) page in GROWI versions prior to v6.0.6 stores sensitive information... Moderate Unreviewed
CVE-2023-50294 was published Dec 26, 2023
A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) (All versions < V19). An... Moderate Unreviewed
CVE-2022-46141 was published Dec 12, 2023
A LogoFAIL issue was discovered in BmpDecoderDxe in Insyde InsydeH2O with kernel 5.2 before 05.28... Moderate Unreviewed
CVE-2023-40238 was published Dec 7, 2023
LOYTEC electronics GmbH LINX-212 firmware 6.2.4 and LINX-151 firmware 7.2.4 are vulnerable to... High Unreviewed
CVE-2023-46386 was published Dec 1, 2023
LOYTEC electronics GmbH LINX Configurator 7.4.10 is vulnerable to Insecure Permissions. Cleartext... High Unreviewed
CVE-2023-46384 was published Dec 1, 2023
LOYTEC electronics GmbH LINX-212 6.2.4 and LINX-151 7.2.4 are vulnerable to Insecure Permissions... High Unreviewed
CVE-2023-46388 was published Dec 1, 2023
Headwind MDM Web panel 5.22.1 is vulnerable to Incorrect Access Control due to Login Credential... Moderate Unreviewed
CVE-2023-47312 was published Nov 22, 2023
Zentao Biz version 8.7 and before is vulnerable to Information Disclosure. High Unreviewed
CVE-2023-46376 was published Oct 27, 2023
Missing Encryption of Security Keys vulnerability in Silicon Labs OpenThread SDK on 32 bit, ARM ... Critical Unreviewed
CVE-2023-41095 was published Oct 26, 2023
Missing Encryption of Security Keys vulnerability in Silicon Labs Ember ZNet SDK on 32 bit, ARM ... Moderate Unreviewed
CVE-2023-41096 was published Oct 26, 2023
An issue in ZPE Systems, Inc Nodegrid OS v.5.8.10 thru v.5.8.13 and v.5.10.3 thru v.5.10.5 allows... High Unreviewed
CVE-2023-44037 was published Oct 14, 2023
The BIG-IP and BIG-IQ systems do not encrypt some sensitive information written to Database (DB)... Moderate Unreviewed
CVE-2023-41964 was published Oct 10, 2023
Plaintext credential usage vulnerability in Sage 200 Spain 2023.38.001 version, the exploitation... Critical Unreviewed
CVE-2023-2809 was published Oct 4, 2023
A flaw was found in Red Hat's AMQ Broker, which stores certain passwords in a secret security... Moderate Unreviewed
CVE-2023-4066 was published Sep 27, 2023
Sensitive information disclosure due to cleartext storage of sensitive information in memory. The... Low Unreviewed
CVE-2023-44153 was published Sep 27, 2023
Sensitive information disclosure due to cleartext storage of sensitive information. The following... Moderate Unreviewed
CVE-2023-44159 was published Sep 27, 2023
Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.5.0.0 and 9.3.0.4,... Moderate Unreviewed
CVE-2023-2358 was published Sep 27, 2023
A cleartext storage of sensitive information vulnerability [CWE-312] in FortiTester 2.3.0 through... Moderate Unreviewed
CVE-2023-40715 was published Sep 13, 2023
A password management vulnerability in Skyhigh Secure Web Gateway (SWG) in main releases 11.x... Moderate Unreviewed
CVE-2023-4400 was published Sep 13, 2023
An issue was discovered in TSplus Remote Access through 16.0.2.14. Credentials are stored as... Critical Unreviewed
CVE-2023-31069 was published Sep 11, 2023
An information disclosure issue in GitLab EE affecting all versions from 16.2 prior to 16.2.5,... Low Unreviewed
CVE-2023-3950 was published Sep 1, 2023
Brocade SANnav before v2.3.0 and v2.2.2a stores SNMPv3 Authentication passwords in plaintext. A... Moderate Unreviewed
CVE-2023-31925 was published Aug 31, 2023
Possible information exposure through log file vulnerability where sensitive fields are... Moderate Unreviewed
CVE-2023-31423 was published Aug 31, 2023
The firmwaredownload command on Brocade Fabric OS v9.2.0 could log the FTP/SFTP/SCP server... High Unreviewed
CVE-2023-3489 was published Aug 31, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database