Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,340
Erlang
31
GitHub Actions
22
Go
2,101
Maven
5,000+
npm
3,764
NuGet
679
pip
3,451
Pub
12
RubyGems
892
Rust
885
Swift
37
Unreviewed advisories
All unreviewed
5,000+

57 advisories

Loading
A Insecure Storage of Sensitive Information vulnerability in openSUSE opensuse-welcome allows... High Unreviewed
CVE-2023-32184 was published Sep 19, 2023
** UNSUPPPORTED WHEN ASSIGNED ** Sending some requests in the web application of the... High Unreviewed
CVE-2023-41965 was published Sep 18, 2023
Insecure storage of sensitive information in Wing FTP Server (User Web Client) allows information... High Unreviewed
CVE-2023-37879 was published Sep 15, 2023
A vulnerability has been identified in QMS Automotive (All versions < V12.39). The QMS.Mobile... High Unreviewed
CVE-2023-40728 was published Sep 14, 2023
Information disclosure in password protected surveys in Data Illusion Survey Software Solutions... High Unreviewed
CVE-2022-46484 was published Aug 2, 2023
Insecure Storage of Sensitive Information vulnerability in Jose Mortellaro Freesoul Deactivate... High Unreviewed
CVE-2023-22687 was published Jul 6, 2023
An issue found in Twilight v.13.3 for Android allows unauthorized apps to cause escalation of... High Unreviewed
CVE-2023-29755 was published Jun 9, 2023
An issue found in Blue Light Filter v.1.5.5 for Android allows unauthorized apps to cause... High Unreviewed
CVE-2023-29757 was published Jun 9, 2023
RosarioSIS Stores Sensitive Data in a Mechanism without Access Control High
CVE-2023-2665 was published for francoisjacquet/rosariosis (Composer) May 19, 2023
Insecure storage of sensitive information in the Intel(R) DCM software before version 5.1 may... High Unreviewed
CVE-2022-43475 was published May 10, 2023
Insecure storage of sensitive information in the Intel(R) DCM software before version 5.1 may... High Unreviewed
CVE-2022-44619 was published May 10, 2023
Incorrect Access Control issue discovered in KiteCMS 1.1 allows remote attackers to view... High Unreviewed
CVE-2021-36546 was published Feb 3, 2023
ezplatform-graphql GraphQL queries can expose password hashes High
CVE-2022-41876 was published for ezsystems/ezplatform-graphql (Composer) Nov 10, 2022
tranca
Torguard VPN 4.8, has a vulnerability that allows an attacker to dump sensitive information, such... High Unreviewed
CVE-2022-37835 was published Sep 13, 2022
In Brocade SANnav before Brocade SANnav v2.2.0.2 and Brocade SANnav2.1.1.8, encoded scp-server... High Unreviewed
CVE-2022-28168 was published Jun 28, 2022
For ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6... High Unreviewed
CVE-2020-8481 was published May 24, 2022
A vulnerability involving insecure storage of sensitive information has been reported to affect... High Unreviewed
CVE-2021-28813 was published May 24, 2022
Certain NetModule devices have Insecure Password Handling (cleartext or reversible encryption),... High Unreviewed
CVE-2021-39289 was published May 24, 2022
Citrix Cloud Connector before 6.31.0.62192 suffers from insecure storage of sensitive information... High Unreviewed
CVE-2021-22914 was published May 24, 2022
In SolarWinds Serv-U before 15.2.2 Hotfix 1, there is a directory containing user profile files ... High Unreviewed
CVE-2021-25276 was published May 24, 2022
In JetBrains TeamCity before 2020.2, an ECR token could be exposed in a build's parameters. High Unreviewed
CVE-2021-25776 was published May 24, 2022
Sectona Spectra before 3.4.0 has a vulnerable SOAP API endpoint that leaks sensitive information... High Unreviewed
CVE-2020-25966 was published May 24, 2022
An issue was discovered in Gradle Enterprise 2017.1 - 2020.2.4. Unrestricted access to a high... High Unreviewed
CVE-2020-15775 was published May 24, 2022
The Android mobile application BlueCats Reveal before 3.0.19 stores the username and password in... High Unreviewed
CVE-2019-5626 was published May 24, 2022
The iOS mobile application BlueCats Reveal before 5.14 stores the username and password in the... High Unreviewed
CVE-2019-5627 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database