GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
63 advisories
Filter by severity
SAP Business Objects Business Intelligence Platform is vulnerable to Insecure Storage as dynamic...
Moderate
Unreviewed
CVE-2024-33004
was published
May 14, 2024
In the goTenna Pro application, the encryption keys are stored along with a static IV on the...
Moderate
Unreviewed
CVE-2024-47122
was published
Sep 26, 2024
In the goTenna Pro ATAK Plugin application, the encryption keys are
stored along with a static...
Moderate
Unreviewed
CVE-2024-43694
was published
Sep 26, 2024
Insecure storage of LDAP passwords in the authentication functionality of AVSystem Unified...
Moderate
Unreviewed
CVE-2024-25655
was published
Mar 18, 2024
An issue was discovered in wolfSSL before 5.7.0. A safe-error attack via Rowhammer, namely FAULT...
Moderate
Unreviewed
CVE-2024-5288
was published
Aug 27, 2024
A vulnerability in Zowe CLI allows local, privileged actors to display securely stored properties...
Moderate
Unreviewed
CVE-2024-6916
was published
Jul 19, 2024
Insecure Permissiosn vulnerability in TP Link TC70 and C200 WIFI Camera v.3 firmware v.1.3.4 and...
Moderate
Unreviewed
CVE-2023-49515
was published
Jan 17, 2024
An information disclosure vulnerability exists when attaching files to Outlook messages, aka ...
Moderate
Unreviewed
CVE-2020-1493
was published
May 24, 2022
A vulnerability in the web interface in Brocade Fabric OS before v9.2.1, v9.2.0b, and v9.1.1d...
Moderate
Unreviewed
CVE-2024-29953
was published
Jun 26, 2024
Insecure Storage of Sensitive Information vulnerability in WPMU DEV Defender Security allows :...
Moderate
Unreviewed
CVE-2022-44581
was published
May 17, 2024
Exposure of Sensitive Information vulnerability exists in the GSLB container, which may allow an...
Moderate
Unreviewed
CVE-2024-28132
was published
May 8, 2024
In Brocade SANnav before v2.3.1, and v2.3.0a, it is possible to back up the appliance from the...
Moderate
Unreviewed
CVE-2024-29965
was published
Apr 19, 2024
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow a local user with specific information...
Moderate
Unreviewed
CVE-2023-29261
was published
Sep 5, 2023
Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode...
Moderate
Unreviewed
CVE-2023-28864
was published
Jul 17, 2023
Anonymous user may get the list of existing users managed by the application, that could ease...
Moderate
Unreviewed
CVE-2023-3064
was published
Jun 5, 2023
A Storing Passwords in a Recoverable Format vulnerability in the Schweitzer Engineering...
Moderate
Unreviewed
CVE-2023-31150
was published
May 10, 2023
IBM UrbanCode Deploy (UCD) versions up to 7.3.0.1 could disclose sensitive password information...
Moderate
Unreviewed
CVE-2022-43877
was published
May 6, 2023
The JetBrains Vim plugin before version 0.52 was storing individual project data in the global...
Moderate
Unreviewed
CVE-2019-14957
was published
May 24, 2022
In KeyStore, there is a possible storage of symmetric keys in the TEE instead of the strongbox...
Moderate
Unreviewed
CVE-2019-9253
was published
May 24, 2022
An insecure storage of sensitive information vulnerability is present in Hickory Smart for iOS...
Moderate
Unreviewed
CVE-2019-5633
was published
May 24, 2022
in OpenHarmony v3.2.4 and prior versions allow a local attacker cause sensitive information leak...
Moderate
Unreviewed
CVE-2024-21826
was published
Mar 4, 2024
Users’ product account authentication data was stored in clear text in The Genie Company Aladdin...
Moderate
Unreviewed
CVE-2023-5879
was published
Jan 3, 2024
IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 could allow an...
Moderate
Unreviewed
CVE-2023-45184
was published
Dec 14, 2023
A saved encryption key in the Uninstaller in Digital Guardian's Agent before version 7.9.4 allows...
Moderate
Unreviewed
CVE-2023-6253
was published
Nov 22, 2023
Insecure Storage of Sensitive Information in GitHub repository chocobozzz/peertube prior to 4.1.1.
Moderate
Unreviewed
CVE-2022-0881
was published
Mar 10, 2022
ProTip!
Advisories are also available from the
GraphQL API