GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
243 advisories
Filter by severity
Sensitive information disclosure due to cleartext storage of sensitive information. The following...
Moderate
Unreviewed
CVE-2023-44159
was published
Sep 27, 2023
Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.5.0.0 and 9.3.0.4,...
Moderate
Unreviewed
CVE-2023-2358
was published
Sep 27, 2023
A cleartext storage of sensitive information vulnerability [CWE-312] in FortiTester 2.3.0 through...
Moderate
Unreviewed
CVE-2023-40715
was published
Sep 13, 2023
A password management vulnerability in Skyhigh Secure Web Gateway (SWG) in main releases 11.x...
Moderate
Unreviewed
CVE-2023-4400
was published
Sep 13, 2023
Brocade
SANnav before v2.3.0 and v2.2.2a stores SNMPv3 Authentication passwords
in plaintext. A...
Moderate
Unreviewed
CVE-2023-31925
was published
Aug 31, 2023
Possible
information exposure through log file vulnerability where sensitive
fields are...
Moderate
Unreviewed
CVE-2023-31423
was published
Aug 31, 2023
An issue was discovered in MariaDB MaxScale before 23.02.3. A user enters an encrypted password...
Moderate
Unreviewed
CVE-2023-40354
was published
Aug 14, 2023
Cleartext storage of sensitive information in Zoom Client SDK for Windows before 5.15.0 may allow...
Moderate
Unreviewed
CVE-2023-39210
was published
Aug 9, 2023
PHPJabbers Class Scheduling System 1.0 lacks encryption on the password when editing a user...
Moderate
Unreviewed
CVE-2023-36136
was published
Aug 8, 2023
An issue was discovered in Fujitsu Software Infrastructure Manager (ISM) before 2.8.0.061. The...
Moderate
Unreviewed
CVE-2023-39903
was published
Aug 7, 2023
Dell Wyse ThinOS versions prior to 2303 (9.4.1141) contain a sensitive information disclosure...
Moderate
Unreviewed
CVE-2023-32446
was published
Jul 20, 2023
Dell Wyse ThinOS versions prior to 2208 (9.3.2102) contain a sensitive information disclosure...
Moderate
Unreviewed
CVE-2023-32455
was published
Jul 20, 2023
Dell Wyse ThinOS versions prior to 2306 (9.4.2103) contain a sensitive information disclosure...
Moderate
Unreviewed
CVE-2023-32447
was published
Jul 20, 2023
Wyse Management Suite versions prior to 4.0 contain a sensitive information disclosure...
Moderate
Unreviewed
CVE-2023-32483
was published
Jul 20, 2023
A vulnerability was found in Intergard SGS 8.7.0. It has been classified as problematic. This...
Moderate
Unreviewed
CVE-2023-3762
was published
Jul 19, 2023
A vulnerability in the logging component of Cisco Duo Authentication Proxy could allow an...
Moderate
Unreviewed
CVE-2023-20207
was published
Jul 12, 2023
Cleartext Storage on Disk in the SICK ICR890-4 could allow an unauthenticated attacker with...
Moderate
Unreviewed
CVE-2023-35699
was published
Jul 10, 2023
A vulnerability exists in the Intelligent Electronic Device (IED) Connectivity Package (ConnPack)...
Moderate
Unreviewed
CVE-2022-2513
was published
Jul 6, 2023
?All versions of the TWinSoft Configuration Tool store encrypted passwords as plaintext in...
Moderate
Unreviewed
CVE-2023-3395
was published
Jul 3, 2023
IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 stores user credentials in plain clear...
Moderate
Unreviewed
CVE-2022-33159
was published
Jun 15, 2023
An issue was discovered in Faronics Insight 10.0.19045 on Windows. The Insight Teacher Console...
Moderate
Unreviewed
CVE-2023-28345
was published
May 31, 2023
PowerPath for Windows, versions 7.0, 7.1 & 7.2 contains License Key Stored in Cleartext...
Moderate
Unreviewed
CVE-2023-32448
was published
May 30, 2023
IBM InfoSphere Information Server 11.7 stores user credentials in plain clear text which can be...
Moderate
Unreviewed
CVE-2023-22878
was published
May 19, 2023
In onSetRuntimePermissionGrantStateByDeviceAdmin of AdminRestrictedPermissionsUtils.java, there...
Moderate
Unreviewed
CVE-2023-20914
was published
May 16, 2023
Cleartext storage of sensitive information exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0...
Moderate
Unreviewed
CVE-2023-24586
was published
May 10, 2023
ProTip!
Advisories are also available from the
GraphQL API