GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
139 advisories
Filter by severity
A Insecure Storage of Sensitive Information vulnerability in openSUSE opensuse-welcome allows...
High
Unreviewed
CVE-2023-32184
was published
Sep 19, 2023
Insecure storage of sensitive information in Wing FTP Server (User Web Client) allows information...
High
Unreviewed
CVE-2023-37879
was published
Sep 15, 2023
A vulnerability has been identified in QMS Automotive (All versions < V12.39). The QMS.Mobile...
High
Unreviewed
CVE-2023-40728
was published
Sep 14, 2023
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow a local user with specific information...
Moderate
Unreviewed
CVE-2023-29261
was published
Sep 5, 2023
Information disclosure in password protected surveys in Data Illusion Survey Software Solutions...
High
Unreviewed
CVE-2022-46484
was published
Aug 2, 2023
Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode...
Moderate
Unreviewed
CVE-2023-28864
was published
Jul 17, 2023
Insecure Storage of Sensitive Information vulnerability in Jose Mortellaro Freesoul Deactivate...
High
Unreviewed
CVE-2023-22687
was published
Jul 6, 2023
Anonymous user may get the list of existing users managed by the application, that could ease...
Moderate
Unreviewed
CVE-2023-3064
was published
Jun 5, 2023
A Storing Passwords in a Recoverable Format vulnerability in the Schweitzer Engineering...
Moderate
Unreviewed
CVE-2023-31150
was published
May 10, 2023
Insecure storage of sensitive information in the Intel(R) DCM software before version 5.1 may...
High
Unreviewed
CVE-2022-44619
was published
May 10, 2023
IBM UrbanCode Deploy (UCD) versions up to 7.3.0.1 could disclose sensitive password information...
Moderate
Unreviewed
CVE-2022-43877
was published
May 6, 2023
The JetBrains Vim plugin before version 0.52 was storing individual project data in the global...
Moderate
Unreviewed
CVE-2019-14957
was published
May 24, 2022
In KeyStore, there is a possible storage of symmetric keys in the TEE instead of the strongbox...
Moderate
Unreviewed
CVE-2019-9253
was published
May 24, 2022
An insecure storage of sensitive information vulnerability is present in Hickory Smart for iOS...
Moderate
Unreviewed
CVE-2019-5633
was published
May 24, 2022
The iOS mobile application BlueCats Reveal before 5.14 stores the username and password in the...
High
Unreviewed
CVE-2019-5627
was published
May 24, 2022
The Android mobile application BlueCats Reveal before 3.0.19 stores the username and password in...
High
Unreviewed
CVE-2019-5626
was published
May 24, 2022
Sectona Spectra before 3.4.0 has a vulnerable SOAP API endpoint that leaks sensitive information...
High
Unreviewed
CVE-2020-25966
was published
May 24, 2022
** UNSUPPPORTED WHEN ASSIGNED **
Sending some requests in the web application of the...
High
Unreviewed
CVE-2023-41965
was published
Sep 18, 2023
in OpenHarmony v3.2.4 and prior versions allow a local attacker cause sensitive information leak...
Moderate
Unreviewed
CVE-2024-21826
was published
Mar 4, 2024
vantage6 may create unencrypted tasks in encrypted collaboration
Low
CVE-2024-22193
was published
for
vantage6
(pip)
Jan 30, 2024
Default permissions for a properties file were too permissive. Local system users could read...
Low
Unreviewed
CVE-2023-26427
was published
Jun 20, 2023
Users’ product account authentication data was stored in clear text in The Genie Company Aladdin...
Moderate
Unreviewed
CVE-2023-5879
was published
Jan 3, 2024
IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 is vulnerable to...
High
Unreviewed
CVE-2023-45182
was published
Dec 14, 2023
IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 could allow an...
Moderate
Unreviewed
CVE-2023-45184
was published
Dec 14, 2023
Logging of the firestore key within nodejs-firestore
Moderate
CVE-2023-6460
was published
for
@google-cloud/firestore
(npm)
Dec 4, 2023
ProTip!
Advisories are also available from the
GraphQL API