Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,043 advisories

Loading
Delta Electronics InfraSuite Device Master versions prior to 1.0.5 contain a vulnerability in... High Unreviewed
CVE-2023-1137 was published Mar 27, 2023
CP Plus KVMS Pro versions 2.01.0.T.190521 and prior are vulnerable to sensitive credentials being... High Unreviewed
CVE-2023-1518 was published Mar 28, 2023
In JetBrains IntelliJ IDEA before 2023.1 the NTLM hash could leak through an API method used in... High Unreviewed
CVE-2022-48433 was published Mar 29, 2023
Information disclosure in the user creation feature of a MSSQL data source in Devolutions Remote... Moderate Unreviewed
CVE-2023-1574 was published Apr 2, 2023
Aten PE8108 2.4.232 is vulnerable to Incorrect Access Control. The device allows unauthenticated... High Unreviewed
CVE-2023-25413 was published Apr 11, 2023
Aten PE8108 2.4.232 is vulnerable to Incorrect Access Control. Restricted users have read access... High Unreviewed
CVE-2023-25407 was published Apr 11, 2023
Incorrect Access Control in Tripleplay Platform releases prior to Caveman 3.4.0 allows... High Unreviewed
CVE-2023-25760 was published Apr 19, 2023
Plaintext Storage of a Password vulnerability in Secomea GateManager (USB wizard) allows... High Unreviewed
CVE-2022-4308 was published Apr 19, 2023
Ribose RNP before 0.15.1 does not implement a required step in a cryptographic algorithm,... High Unreviewed
CVE-2021-33589 was published Apr 21, 2023
A vulnerability in the expo.io framework allows an attacker to take over accounts and steal... Critical Unreviewed
CVE-2023-28131 was published Apr 24, 2023
An HPE OneView appliance dump may expose FTP credentials for c7000 Interconnect Modules High Unreviewed
CVE-2023-28089 was published Apr 25, 2023
An HPE OneView appliance dump may expose SAN switch administrative credentials High Unreviewed
CVE-2023-28088 was published Apr 25, 2023
An HPE OneView appliance dump may expose SNMPv3 read credentials Moderate Unreviewed
CVE-2023-28090 was published Apr 25, 2023
HPE OneView and HPE OneView Global Dashboard appliance dumps may expose authentication tokens Moderate Unreviewed
CVE-2023-28084 was published Apr 25, 2023
Sangoma FreePBX 1805 through 2302 (when obtained as a ,.ISO file) places AMPDBUSER, AMPDBPASS,... High Unreviewed
CVE-2023-26567 was published Apr 26, 2023
This vulnerability exists in GajShield Data Security Firewall firmware versions prior to v4.28 ... Critical Unreviewed
CVE-2023-1778 was published Apr 27, 2023
Potential leak of authentication data to 3rd parties Critical
CVE-2023-30846 was published for typed-rest-client (npm) Apr 27, 2023
yahavi JLLeitschuh
Plaintext Password in Registry vulnerability in 42gears surelock windows surelockwinsetupv2.40... High Unreviewed
CVE-2023-2335 was published Apr 27, 2023
A valid, authenticated administrative user can query a web interface API to reveal the configured... Moderate Unreviewed
CVE-2023-25495 was published Apr 29, 2023
An insufficiently protected credentials vulnerability [CWE-522] in FortiNAC-F 7.2.0, FortiNAC 9.4... Moderate Unreviewed
CVE-2022-45859 was published May 4, 2023
Milesight NCR/camera version 71.8.0.6-r5 exposes credentials through an unspecified request. ... High Unreviewed
CVE-2023-24506 was published May 8, 2023
SAP BusinessObjects Platform - versions 420, 430, Information design tool transmits sensitive... Moderate Unreviewed
CVE-2023-28764 was published May 9, 2023
Insufficiently protected credentials in the Intel(R) DCM software before version 5.0.1 may allow... Moderate Unreviewed
CVE-2022-40685 was published May 10, 2023
PostgresNIO processes unencrypted bytes from man-in-the-middle Low
CVE-2023-31136 was published for github.com/vapor/postgres-nio (Swift) May 10, 2023
fabianfett gwynne
An Information disclosure vulnerability in /be/rpc.php in Jedox GmbH Jedox 2020.2.5 allow remote,... Moderate Unreviewed
CVE-2022-47880 was published May 12, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database