GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
122 advisories
Filter by severity
A vulnerability has been identified in QMS Automotive (All versions < V12.39). The QMS.Mobile...
High
Unreviewed
CVE-2023-40728
was published
Sep 14, 2023
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow a local user with specific information...
Moderate
Unreviewed
CVE-2023-29261
was published
Sep 5, 2023
Information disclosure in password protected surveys in Data Illusion Survey Software Solutions...
High
Unreviewed
CVE-2022-46484
was published
Aug 2, 2023
Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode...
Moderate
Unreviewed
CVE-2023-28864
was published
Jul 17, 2023
Insecure Storage of Sensitive Information vulnerability in Jose Mortellaro Freesoul Deactivate...
High
Unreviewed
CVE-2023-22687
was published
Jul 6, 2023
Default permissions for a properties file were too permissive. Local system users could read...
Low
Unreviewed
CVE-2023-26427
was published
Jun 20, 2023
Anonymous user may get the list of existing users managed by the application, that could ease...
Moderate
Unreviewed
CVE-2023-3064
was published
Jun 5, 2023
A Storing Passwords in a Recoverable Format vulnerability in the Schweitzer Engineering...
Moderate
Unreviewed
CVE-2023-31150
was published
May 10, 2023
Insecure storage of sensitive information in the Intel(R) DCM software before version 5.1 may...
High
Unreviewed
CVE-2022-44619
was published
May 10, 2023
Insecure storage of sensitive information in the Intel(R) DCM software before version 5.1 may...
High
Unreviewed
CVE-2022-43475
was published
May 10, 2023
IBM UrbanCode Deploy (UCD) versions up to 7.3.0.1 could disclose sensitive password information...
Moderate
Unreviewed
CVE-2022-43877
was published
May 6, 2023
Insecure Storage of Sensitive Information vulnerability in ABB My Control System (on-premise)...
Critical
Unreviewed
CVE-2023-0580
was published
Apr 6, 2023
Incorrect Access Control issue discovered in KiteCMS 1.1 allows remote attackers to view...
High
Unreviewed
CVE-2021-36546
was published
Feb 3, 2023
During iframe navigation, certain pages did not have their FeaturePolicy fully initialized...
Moderate
Unreviewed
CVE-2022-40959
was published
Dec 22, 2022
Logins saved by Firefox should be managed by the Password Manager component which uses encryption...
Low
Unreviewed
CVE-2022-42931
was published
Dec 22, 2022
IBM Sterling Partner Engagement Manager 2.0 allows encrypted storage of client data to be stored...
Low
Unreviewed
CVE-2022-34354
was published
Nov 16, 2022
IBM CICS TX 11.1 allows web pages to be stored locally which can be read by another user on the...
Low
Unreviewed
CVE-2022-34312
was published
Nov 14, 2022
Brocade Fabric OS Web Application services before Brocade Fabric v9.1.0, v9.0.1e, v8.2.3c, v7.4...
Moderate
Unreviewed
CVE-2022-28170
was published
Oct 26, 2022
Veritas System Recovery (VSR) versions 18 and 21 store a network destination password in the...
Moderate
Unreviewed
CVE-2022-41320
was published
Sep 25, 2022
Torguard VPN 4.8, has a vulnerability that allows an attacker to dump sensitive information, such...
High
Unreviewed
CVE-2022-37835
was published
Sep 13, 2022
Brocade SANnav before Brocade SANvav v. 2.2.0.2 and Brocade SANanv v.2.1.1.8 logs the Brocade...
Moderate
Unreviewed
CVE-2022-28167
was published
Jun 28, 2022
In Brocade SANnav before Brocade SANnav v2.2.0.2 and Brocade SANnav2.1.1.8, encoded scp-server...
High
Unreviewed
CVE-2022-28168
was published
Jun 28, 2022
Improper auto-fill algorithm in Samsung Internet prior to version 17.0.1.69 allows physical...
Moderate
Unreviewed
CVE-2022-30740
was published
Jun 8, 2022
An issue was discovered in FlightRadar24 v8.9.0, v8.10.0, v8.10.2, v8.10.3, v8.10.4 for Android,...
Moderate
Unreviewed
CVE-2021-43512
was published
Jun 3, 2022
For ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6...
High
Unreviewed
CVE-2020-8481
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API