GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,968
Erlang: 29
GitHub Actions: 16
Go: 1,749
Maven: 4,978
npm: 3,509
NuGet: 609
pip: 3,084
Pub: 10
RubyGems: 832
Rust: 782
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
122 advisories
A vulnerability in the web interface in Brocade Fabric OS before v9.2.1, v9.2.0b, and v9.1.1d...
Moderate | Unreviewed | CVE-2024-29953 was published Jun 26, 2024

udn News Android APP stores the unencrypted user session in the local database when user log into...
Low | Unreviewed | CVE-2024-6295 was published Jun 25, 2024

Keycloak exposes sensitive information in Pushed Authorization Requests (PAR)
High | GHSA-69fp-7c8p-crjr was published for org.keycloak:keycloak-services (Maven) Jun 10, 2024

Insecure Storage of Sensitive Information vulnerability in WPMU DEV Defender Security allows :...
Moderate | Unreviewed | CVE-2022-44581 was published May 17, 2024

Exposure of Sensitive Information vulnerability exists in the GSLB container, which may allow an...
Moderate | Unreviewed | CVE-2024-28132 was published May 8, 2024

In Brocade SANnav before v2.3.1, and v2.3.0a, it is possible to back up the appliance from the...
Moderate | Unreviewed | CVE-2024-29965 was published Apr 19, 2024

in OpenHarmony v3.2.4 and prior versions allow a local attacker cause sensitive information leak...
Moderate | Unreviewed | CVE-2024-21826 was published Mar 4, 2024

Intelbras Roteador ACtion RF 1200 1.2.2 exposes the Password in Cookie resulting in Login Bypass.
High | Unreviewed | CVE-2024-22773 was published Feb 6, 2024

vantage6 may create unencrypted tasks in encrypted collaboration
Low | CVE-2024-22193 was published for vantage6 (pip) Jan 30, 2024

Users’ product account authentication data was stored in clear text in The Genie Company Aladdin...
Moderate | Unreviewed | CVE-2023-5879 was published Jan 3, 2024

IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 is vulnerable to...
High | Unreviewed | CVE-2023-45182 was published Dec 14, 2023

IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 could allow an...
Moderate | Unreviewed | CVE-2023-45184 was published Dec 14, 2023

Logging of the firestore key within nodejs-firestore
Moderate | CVE-2023-6460 was published for @google-cloud/firestore (npm) Dec 4, 2023

A saved encryption key in the Uninstaller in Digital Guardian's Agent before version 7.9.4 allows...
Moderate | Unreviewed | CVE-2023-6253 was published Nov 22, 2023

A Insecure Storage of Sensitive Information vulnerability in openSUSE opensuse-welcome allows...
High | Unreviewed | CVE-2023-32184 was published Sep 19, 2023

** UNSUPPORTED WHEN ASSIGNED ** Sending some requests in the web application of the...
High | Unreviewed | CVE-2023-41965 was published Sep 18, 2023

Insecure storage of sensitive information in Wing FTP Server (User Web Client) allows information...
High | Unreviewed | CVE-2023-37879 was published Sep 15, 2023

A vulnerability has been identified in QMS Automotive (All versions < V12.39). The QMS.Mobile...
High | Unreviewed | CVE-2023-40728 was published Sep 14, 2023

IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow a local user with specific information...
Moderate | Unreviewed | CVE-2023-29261 was published Sep 5, 2023

Information disclosure in password protected surveys in Data Illusion Survey Software Solutions...
High | Unreviewed | CVE-2022-46484 was published Aug 2, 2023

Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode...
Moderate | Unreviewed | CVE-2023-28864 was published Jul 17, 2023

Insecure Storage of Sensitive Information vulnerability in Jose Mortellaro Freesoul Deactivate...
High | Unreviewed | CVE-2023-22687 was published Jul 6, 2023

Default permissions for a properties file were too permissive. Local system users could read...
Low | Unreviewed | CVE-2023-26427 was published Jun 20, 2023

Anonymous user may get the list of existing users managed by the application, that could ease...
Moderate | Unreviewed | CVE-2023-3064 was published Jun 5, 2023

RosarioSIS Stores Sensitive Data in a Mechanism without Access Control
High | CVE-2023-2665 was published for francoisjacquet/rosariosis (Composer) May 19, 2023
ProTip! Advisories are also available from the GraphQL API