Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,178 advisories

Loading
LG Simple Editor checkServer Authentication Bypass Vulnerability. This vulnerability allows... High Unreviewed
CVE-2023-40511 was published May 3, 2024
LG Simple Editor getServerSetting Authentication Bypass Vulnerability. This vulnerability allows... High Unreviewed
CVE-2023-40510 was published May 3, 2024
Use of reversible password encryption algorithm allows attackers to decrypt passwords.  Sensitive... Moderate Unreviewed
CVE-2024-3543 was published May 2, 2024
Jenkins Telegram Bot Plugin stores the Telegram Bot token in plaintext Low
CVE-2024-34147 was published for org.jenkins-ci.plugins:telegrambot (Maven) May 2, 2024
Dell OpenManage Enterprise, versions 4.0.0 and 4.0.1, contains a sensitive information disclosure... Moderate Unreviewed
CVE-2024-28961 was published Apr 29, 2024
H3C ER8300G2-X is vulnerable to Incorrect Access Control. The password for the router's... Critical Unreviewed
CVE-2024-32238 was published Apr 22, 2024
IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to escalate their privileges due... High Unreviewed
CVE-2023-37400 was published Apr 19, 2024
Audit records for OpenAPI requests may include sensitive information. This could lead to... High Unreviewed
CVE-2023-6916 was published Apr 10, 2024
Azure Identity Library for .NET Information Disclosure Vulnerability Moderate
CVE-2024-29992 was published for Azure.Identity (NuGet) Apr 9, 2024
scottaddie
A insufficiently protected credentials in Fortinet FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0... High Unreviewed
CVE-2023-41677 was published Apr 9, 2024
A vulnerability in Cisco Nexus Dashboard could allow an authenticated, local attacker with valid... Moderate Unreviewed
CVE-2024-20282 was published Apr 3, 2024
System->Maintenance-> Log Files in dotCMS dashboard is providing the username/password for... Moderate Unreviewed
CVE-2024-3165 was published Apr 2, 2024
IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 transmits or stores authentication... Moderate Unreviewed
CVE-2023-50311 was published Mar 31, 2024
Exposed IOCTL with insufficient access control issue exists in cg6kwin2k.sys prior to 2.1.7.0. By... Moderate Unreviewed
CVE-2024-29216 was published Mar 25, 2024
HGW BL1500HM Ver 002.001.013 and earlier contains a use of week credentials issue. A network... High Unreviewed
CVE-2024-29071 was published Mar 25, 2024
Siklu TG Terragraph devices before 2.1.1 allow attackers to discover valid, randomly generated... High Unreviewed
CVE-2022-47037 was published Mar 18, 2024
IBM Host Access Transformation Services (HATS) 9.6 through 9.6.1.4 and 9.7 through 9.7.0.3 stores... Moderate Unreviewed
CVE-2021-38938 was published Mar 15, 2024
Insufficiently protected credentials (CWE-522) for third party DVR integrations to the Command... Critical Unreviewed
CVE-2024-21815 was published Mar 5, 2024
An issue was discovered in Couchbase Server before 7.2.4. ns_server admin credentials are leaked... Moderate Unreviewed
CVE-2023-50436 was published Feb 29, 2024
Insufficiently Protected Credentials, : Improper Access Control vulnerability in Brivo ACS100,... High Unreviewed
CVE-2023-6259 was published Feb 20, 2024
The database access credentials configured during installation are stored in a special table, and... Moderate Unreviewed
CVE-2023-4538 was published Feb 15, 2024
CWE-522: Insufficiently Protected Credentials vulnerability exists that could cause unauthorized... High Unreviewed
CVE-2023-27975 was published Feb 14, 2024
A vulnerability exists in BIG-IP Next CNF and SPK systems that may allow access to undisclosed... Moderate Unreviewed
CVE-2024-23306 was published Feb 14, 2024
IBM CICS TX Standard and Advanced 11.1 could allow a user with physical access to the web browser... Moderate Unreviewed
CVE-2022-34311 was published Feb 12, 2024
IBM DataStage on Cloud Pak for Data 4.0.6 to 4.5.2 stores sensitive credential information that... Moderate Unreviewed
CVE-2022-38714 was published Feb 12, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database