Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,233
Erlang
31
GitHub Actions
20
Go
1,992
Maven
5,000+
npm
3,709
NuGet
661
pip
3,346
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+

527 advisories

Loading
A vulnerability in the Cisco Nexus Dashboard Fabric Controller (NDFC) software, formerly Cisco... Moderate Unreviewed
CVE-2024-20448 was published Oct 2, 2024
Nautobot vulnerable to exposure of hashed user passwords via REST API High
CVE-2023-46128 was published for nautobot (pip) Oct 24, 2023
Cleartext Storage of Sensitive Information in a Cookie vulnerability in Oceanic Software ValeApp... Critical Unreviewed
CVE-2024-8644 was published Sep 27, 2024
An unauthorized user is able to gain access to sensitive data, including credentials, by... High Unreviewed
CVE-2024-38280 was published Jun 13, 2024
In Infinera TNMS (Transcend Network Management System) 19.10.3, cleartext storage of sensitive... High Unreviewed
CVE-2024-25661 was published Oct 1, 2024
An issue was discovered in Infinera hiT 7300 5.60.50. Sensitive information inside diagnostic... Moderate Unreviewed
CVE-2024-28810 was published Sep 30, 2024
An issue was discovered in Infinera hiT 7300 5.60.50. Cleartext storage of sensitive information... Moderate Unreviewed
CVE-2024-28807 was published Sep 30, 2024
An issue was discovered in Infinera hiT 7300 5.60.50. Cleartext storage of sensitive password in... High Unreviewed
CVE-2024-28809 was published Sep 30, 2024
Kastle Systems firmware prior to May 1, 2024, stored machine credentials in cleartext, which may... High Unreviewed
CVE-2024-45862 was published Sep 19, 2024
matrix-synapse vulnerable to temporary storage of plaintext passwords during password changes Low
CVE-2023-41335 was published for matrix-synapse (pip) Sep 26, 2023
The W3 Total Cache plugin for WordPress is vulnerable to Sensitive Information Exposure in... Low Unreviewed
CVE-2023-5359 was published Sep 25, 2024
Certain switch models from PLANET Technology store SNMPv3 users' passwords in plaintext within... High Unreviewed
CVE-2024-8459 was published Sep 30, 2024
In SAP BusinessObjects Business Intelligence - version 420, If a user logs in to a particular... Moderate Unreviewed
CVE-2023-39440 was published Aug 8, 2023
The configuration file stores credentials in cleartext. An attacker with local access rights can... Moderate Unreviewed
CVE-2024-6785 was published Sep 21, 2024
A vulnerability, which was classified as problematic, was found in code-projects Blood Bank... Moderate Unreviewed
CVE-2024-9040 was published Sep 20, 2024
A flaw was found in oVirt. A user with administrator privileges, including users with the... Moderate Unreviewed
CVE-2024-7259 was published Sep 26, 2024
Missing Encryption of Security Keys vulnerability in Silicon Labs Ember ZNet SDK on 32 bit, ARM ... Moderate Unreviewed
CVE-2023-41096 was published Oct 26, 2023
Missing Encryption of Security Keys vulnerability in Silicon Labs OpenThread SDK on 32 bit, ARM ... Critical Unreviewed
CVE-2023-41095 was published Oct 26, 2023
Prior to v7.4.0, Ember ZNet is vulnerable to a denial of service attack through manipulation of... High Unreviewed
CVE-2023-6874 was published Feb 5, 2024
"IBM Robotic Process Automation 21.0.1 and 21.0.2 could disclose sensitive version information... Moderate Unreviewed
CVE-2022-38710 was published Nov 4, 2022
A cleartext storage of sensitive information in memory vulnerability [CWE-316] affecting... Moderate Unreviewed
CVE-2024-35282 was published Sep 10, 2024
IBM Storage Defender - Resiliency Service 2.0 could allow a privileged user to perform... High Unreviewed
CVE-2023-50957 was published Feb 10, 2024
LOYTEC electronics GmbH LINX-212 6.2.4 and LINX-151 7.2.4 are vulnerable to Insecure Permissions... High Unreviewed
CVE-2023-46388 was published Dec 1, 2023
LOYTEC electronics GmbH LINX-212 firmware 6.2.4 and LINX-151 firmware 7.2.4 are vulnerable to... High Unreviewed
CVE-2023-46386 was published Dec 1, 2023
IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information... Low Unreviewed
CVE-2023-37396 was published Apr 19, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database