Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

243 advisories

Loading
Sensitive information disclosure due to cleartext storage of sensitive information. The following... Moderate Unreviewed
CVE-2023-44159 was published Sep 27, 2023
Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.5.0.0 and 9.3.0.4,... Moderate Unreviewed
CVE-2023-2358 was published Sep 27, 2023
A cleartext storage of sensitive information vulnerability [CWE-312] in FortiTester 2.3.0 through... Moderate Unreviewed
CVE-2023-40715 was published Sep 13, 2023
A password management vulnerability in Skyhigh Secure Web Gateway (SWG) in main releases 11.x... Moderate Unreviewed
CVE-2023-4400 was published Sep 13, 2023
Brocade SANnav before v2.3.0 and v2.2.2a stores SNMPv3 Authentication passwords in plaintext. A... Moderate Unreviewed
CVE-2023-31925 was published Aug 31, 2023
Possible information exposure through log file vulnerability where sensitive fields are... Moderate Unreviewed
CVE-2023-31423 was published Aug 31, 2023
An issue was discovered in MariaDB MaxScale before 23.02.3. A user enters an encrypted password... Moderate Unreviewed
CVE-2023-40354 was published Aug 14, 2023
Cleartext storage of sensitive information in Zoom Client SDK for Windows before 5.15.0 may allow... Moderate Unreviewed
CVE-2023-39210 was published Aug 9, 2023
PHPJabbers Class Scheduling System 1.0 lacks encryption on the password when editing a user... Moderate Unreviewed
CVE-2023-36136 was published Aug 8, 2023
An issue was discovered in Fujitsu Software Infrastructure Manager (ISM) before 2.8.0.061. The... Moderate Unreviewed
CVE-2023-39903 was published Aug 7, 2023
Dell Wyse ThinOS versions prior to 2303 (9.4.1141) contain a sensitive information disclosure... Moderate Unreviewed
CVE-2023-32446 was published Jul 20, 2023
Dell Wyse ThinOS versions prior to 2208 (9.3.2102) contain a sensitive information disclosure... Moderate Unreviewed
CVE-2023-32455 was published Jul 20, 2023
Dell Wyse ThinOS versions prior to 2306 (9.4.2103) contain a sensitive information disclosure... Moderate Unreviewed
CVE-2023-32447 was published Jul 20, 2023
Wyse Management Suite versions prior to 4.0 contain a sensitive information disclosure... Moderate Unreviewed
CVE-2023-32483 was published Jul 20, 2023
A vulnerability was found in Intergard SGS 8.7.0. It has been classified as problematic. This... Moderate Unreviewed
CVE-2023-3762 was published Jul 19, 2023
A vulnerability in the logging component of Cisco Duo Authentication Proxy could allow an... Moderate Unreviewed
CVE-2023-20207 was published Jul 12, 2023
Cleartext Storage on Disk in the SICK ICR890-4 could allow an unauthenticated attacker with... Moderate Unreviewed
CVE-2023-35699 was published Jul 10, 2023
A vulnerability exists in the Intelligent Electronic Device (IED) Connectivity Package (ConnPack)... Moderate Unreviewed
CVE-2022-2513 was published Jul 6, 2023
?All versions of the TWinSoft Configuration Tool store encrypted passwords as plaintext in... Moderate Unreviewed
CVE-2023-3395 was published Jul 3, 2023
IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 stores user credentials in plain clear... Moderate Unreviewed
CVE-2022-33159 was published Jun 15, 2023
An issue was discovered in Faronics Insight 10.0.19045 on Windows. The Insight Teacher Console... Moderate Unreviewed
CVE-2023-28345 was published May 31, 2023
PowerPath for Windows, versions 7.0, 7.1 & 7.2 contains License Key Stored in Cleartext... Moderate Unreviewed
CVE-2023-32448 was published May 30, 2023
IBM InfoSphere Information Server 11.7 stores user credentials in plain clear text which can be... Moderate Unreviewed
CVE-2023-22878 was published May 19, 2023
In onSetRuntimePermissionGrantStateByDeviceAdmin of AdminRestrictedPermissionsUtils.java, there... Moderate Unreviewed
CVE-2023-20914 was published May 16, 2023
Cleartext storage of sensitive information exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0... Moderate Unreviewed
CVE-2023-24586 was published May 10, 2023
ProTip! Advisories are also available from the GraphQL API