Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+

68 advisories

Loading
SAP Business Objects Business Intelligence Platform is vulnerable to Insecure Storage as dynamic... Moderate Unreviewed
CVE-2024-33004 was published May 14, 2024
In the goTenna Pro application, the encryption keys are stored along with a static IV on the... Moderate Unreviewed
CVE-2024-47122 was published Sep 26, 2024
In the goTenna Pro ATAK Plugin application, the encryption keys are stored along with a static... Moderate Unreviewed
CVE-2024-43694 was published Sep 26, 2024
Insecure storage of LDAP passwords in the authentication functionality of AVSystem Unified... Moderate Unreviewed
CVE-2024-25655 was published Mar 18, 2024
An issue was discovered in wolfSSL before 5.7.0. A safe-error attack via Rowhammer, namely FAULT... Moderate Unreviewed
CVE-2024-5288 was published Aug 27, 2024
A vulnerability in Zowe CLI allows local, privileged actors to display securely stored properties... Moderate Unreviewed
CVE-2024-6916 was published Jul 19, 2024
Apache Solr's Streaming Expressions allow users to extract data from other Solr Clouds Moderate
CVE-2023-50298 was published for org.apache.solr:solr-solrj (Maven) Feb 9, 2024
DanielRuf
Spoofing attack in swagger-ui Moderate
CVE-2018-25031 was published for swagger-ui (npm) Mar 12, 2022
Insecure Permissiosn vulnerability in TP Link TC70 and C200 WIFI Camera v.3 firmware v.1.3.4 and... Moderate Unreviewed
CVE-2023-49515 was published Jan 17, 2024
An information disclosure vulnerability exists when attaching files to Outlook messages, aka ... Moderate Unreviewed
CVE-2020-1493 was published May 24, 2022
A vulnerability in the web interface in Brocade Fabric OS before v9.2.1, v9.2.0b, and v9.1.1d... Moderate Unreviewed
CVE-2024-29953 was published Jun 26, 2024
Insecure Storage of Sensitive Information vulnerability in WPMU DEV Defender Security allows :... Moderate Unreviewed
CVE-2022-44581 was published May 17, 2024
Exposure of Sensitive Information vulnerability exists in the GSLB container, which may allow an... Moderate Unreviewed
CVE-2024-28132 was published May 8, 2024
In Brocade SANnav before v2.3.1, and v2.3.0a, it is possible to back up the appliance from the... Moderate Unreviewed
CVE-2024-29965 was published Apr 19, 2024
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow a local user with specific information... Moderate Unreviewed
CVE-2023-29261 was published Sep 5, 2023
Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode... Moderate Unreviewed
CVE-2023-28864 was published Jul 17, 2023
Anonymous user may get the list of existing users managed by the application, that could ease... Moderate Unreviewed
CVE-2023-3064 was published Jun 5, 2023
A Storing Passwords in a Recoverable Format vulnerability in the Schweitzer Engineering... Moderate Unreviewed
CVE-2023-31150 was published May 10, 2023
IBM UrbanCode Deploy (UCD) versions up to 7.3.0.1 could disclose sensitive password information... Moderate Unreviewed
CVE-2022-43877 was published May 6, 2023
The JetBrains Vim plugin before version 0.52 was storing individual project data in the global... Moderate Unreviewed
CVE-2019-14957 was published May 24, 2022
In KeyStore, there is a possible storage of symmetric keys in the TEE instead of the strongbox... Moderate Unreviewed
CVE-2019-9253 was published May 24, 2022
An insecure storage of sensitive information vulnerability is present in Hickory Smart for iOS... Moderate Unreviewed
CVE-2019-5633 was published May 24, 2022
in OpenHarmony v3.2.4 and prior versions allow a local attacker cause sensitive information leak... Moderate Unreviewed
CVE-2024-21826 was published Mar 4, 2024
Users’ product account authentication data was stored in clear text in The Genie Company Aladdin... Moderate Unreviewed
CVE-2023-5879 was published Jan 3, 2024
IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 could allow an... Moderate Unreviewed
CVE-2023-45184 was published Dec 14, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database