Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

122 advisories

Loading
A vulnerability in the web interface in Brocade Fabric OS before v9.2.1, v9.2.0b, and v9.1.1d... Moderate Unreviewed
CVE-2024-29953 was published Jun 26, 2024
udn News Android APP stores the unencrypted user session in the local database when user log into... Low Unreviewed
CVE-2024-6295 was published Jun 25, 2024
Keycloak exposes sensitive information in Pushed Authorization Requests (PAR) High
GHSA-69fp-7c8p-crjr was published for org.keycloak:keycloak-services (Maven) Jun 10, 2024
mschallar
Insecure Storage of Sensitive Information vulnerability in WPMU DEV Defender Security allows :... Moderate Unreviewed
CVE-2022-44581 was published May 17, 2024
Exposure of Sensitive Information vulnerability exists in the GSLB container, which may allow an... Moderate Unreviewed
CVE-2024-28132 was published May 8, 2024
In Brocade SANnav before v2.3.1, and v2.3.0a, it is possible to back up the appliance from the... Moderate Unreviewed
CVE-2024-29965 was published Apr 19, 2024
in OpenHarmony v3.2.4 and prior versions allow a local attacker cause sensitive information leak... Moderate Unreviewed
CVE-2024-21826 was published Mar 4, 2024
Intelbras Roteador ACtion RF 1200 1.2.2 esposes the Password in Cookie resulting in Login Bypass. High Unreviewed
CVE-2024-22773 was published Feb 6, 2024
vantage6 may create unencrypted tasks in encrypted collaboration Low
CVE-2024-22193 was published for vantage6 (pip) Jan 30, 2024
Users’ product account authentication data was stored in clear text in The Genie Company Aladdin... Moderate Unreviewed
CVE-2023-5879 was published Jan 3, 2024
IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 is vulnerable to... High Unreviewed
CVE-2023-45182 was published Dec 14, 2023
IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 could allow an... Moderate Unreviewed
CVE-2023-45184 was published Dec 14, 2023
Logging of the firestore key within nodejs-firestore Moderate
CVE-2023-6460 was published for @google-cloud/firestore (npm) Dec 4, 2023
A saved encryption key in the Uninstaller in Digital Guardian's Agent before version 7.9.4 allows... Moderate Unreviewed
CVE-2023-6253 was published Nov 22, 2023
A Insecure Storage of Sensitive Information vulnerability in openSUSE opensuse-welcome allows... High Unreviewed
CVE-2023-32184 was published Sep 19, 2023
** UNSUPPPORTED WHEN ASSIGNED ** Sending some requests in the web application of the... High Unreviewed
CVE-2023-41965 was published Sep 18, 2023
Insecure storage of sensitive information in Wing FTP Server (User Web Client) allows information... High Unreviewed
CVE-2023-37879 was published Sep 15, 2023
A vulnerability has been identified in QMS Automotive (All versions < V12.39). The QMS.Mobile... High Unreviewed
CVE-2023-40728 was published Sep 14, 2023
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow a local user with specific information... Moderate Unreviewed
CVE-2023-29261 was published Sep 5, 2023
Information disclosure in password protected surveys in Data Illusion Survey Software Solutions... High Unreviewed
CVE-2022-46484 was published Aug 2, 2023
Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode... Moderate Unreviewed
CVE-2023-28864 was published Jul 17, 2023
Insecure Storage of Sensitive Information vulnerability in Jose Mortellaro Freesoul Deactivate... High Unreviewed
CVE-2023-22687 was published Jul 6, 2023
Default permissions for a properties file were too permissive. Local system users could read... Low Unreviewed
CVE-2023-26427 was published Jun 20, 2023
Anonymous user may get the list of existing users managed by the application, that could ease... Moderate Unreviewed
CVE-2023-3064 was published Jun 5, 2023
RosarioSIS Stores Sensitive Data in a Mechanism without Access Control High
CVE-2023-2665 was published for francoisjacquet/rosariosis (Composer) May 19, 2023
ProTip! Advisories are also available from the GraphQL API