GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
467 advisories
An issue was discovered in the C AMQP client library (aka rabbitmq-c) through 0.13.0 for RabbitMQ...
Moderate, Unreviewed. CVE-2023-35789 was published Jun 16, 2023

GL.iNET GL-AR750S-Ext firmware v3.215 uses an insecure protocol in its communications which...
Moderate, Unreviewed. CVE-2023-33620 was published Jun 13, 2023

The AES Key-IV pair used by the TP-Link TAPO C200 camera V3 (EU) on firmware version 1.1.22 Build...
Moderate, Unreviewed. CVE-2023-27126 was published Jun 6, 2023

Avaya IX Workforce Engagement v15.2.7.1195 - CWE-522: Insufficiently Protected Credentials
Moderate, Unreviewed. CVE-2023-31187 was published May 30, 2023

Pimcore customers' list user password hash is disclosed
Moderate. CVE-2023-2881 was published for pimcore/customer-management-framework-bundle (Composer) May 25, 2023

Hazelcast vulnerable to unmasked password exposure
Moderate. CVE-2023-33264 was published for com.hazelcast:hazelcast (Maven) May 22, 2023

Canon IJ Network Tool/Ver.4.7.5 and earlier (supported OS: OS X 10.9.5-macOS 13), IJ Network Tool...
Moderate, Unreviewed. CVE-2023-1763 was published May 17, 2023

Jenkins Code Dx Plugin stores API keys in plain text
Moderate. CVE-2023-2632 was published for org.jenkins-ci.plugins:codedx (Maven) May 16, 2023

Jenkins Code Dx Plugin displays API keys in plain text
Moderate. CVE-2023-2633 was published for org.jenkins-ci.plugins:codedx (Maven) May 16, 2023

An Information disclosure vulnerability in /be/rpc.php in Jedox GmbH Jedox 2020.2.5 allow remote,...
Moderate, Unreviewed. CVE-2022-47880 was published May 12, 2023

Insufficiently protected credentials in the Intel(R) DCM software before version 5.0.1 may allow...
Moderate, Unreviewed. CVE-2022-40685 was published May 10, 2023

SAP BusinessObjects Platform - versions 420, 430, Information design tool transmits sensitive...
Moderate, Unreviewed. CVE-2023-28764 was published May 9, 2023

An insufficiently protected credentials vulnerability [CWE-522] in FortiNAC-F 7.2.0, FortiNAC 9.4...
Moderate, Unreviewed. CVE-2022-45859 was published May 4, 2023

A valid, authenticated administrative user can query a web interface API to reveal the configured...
Moderate, Unreviewed. CVE-2023-25495 was published Apr 29, 2023

HPE OneView and HPE OneView Global Dashboard appliance dumps may expose authentication tokens
Moderate, Unreviewed. CVE-2023-28084 was published Apr 25, 2023

An HPE OneView appliance dump may expose SNMPv3 read credentials
Moderate, Unreviewed. CVE-2023-28090 was published Apr 25, 2023

Information disclosure in the user creation feature of a MSSQL data source in Devolutions Remote...
Moderate, Unreviewed. CVE-2023-1574 was published Apr 2, 2023

IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 stores user...
Moderate, Unreviewed. CVE-2023-25686 was published Mar 21, 2023

Insufficiently protected credentials in the Intel(R) ON Event Series Android application before...
Moderate, Unreviewed. CVE-2022-41614 was published Feb 16, 2023

Redpanda before 22.3.12 discloses cleartext AWS credentials. The import functionality in the rpk...
Moderate, Unreviewed. CVE-2023-24619 was published Feb 13, 2023

Dell PowerScale OneFS, versions 8.2.x through 9.3.x contain a weak encoding for a password. A...
Moderate, Unreviewed. CVE-2022-34445 was published Feb 11, 2023

scs-library-client may leak user credentials to third-party service via HTTP redirect
Moderate. CVE-2022-23538 was published for github.com/sylabs/scs-library-client (Go) Jan 20, 2023

Insufficiently Protected Credentials in the AD/LDAP server settings in 1C-Bitrix Bitrix24 through...
Moderate, Unreviewed. CVE-2022-43959 was published Jan 20, 2023

A vulnerability has been found in CESNET theme-cesnet up to 1.x and classified as problematic....
Moderate, Unreviewed. CVE-2016-15014 was published Jan 7, 2023

Some Dahua software products have a vulnerability of unauthenticated request of AES crypto key....
Moderate, Unreviewed. CVE-2022-45424 was published Dec 27, 2022