Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,003
Maven
5,000+
npm
3,713
NuGet
661
pip
3,386
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

529 advisories

Loading
Nautobot vulnerable to exposure of hashed user passwords via REST API High
CVE-2023-46128 was published for nautobot (pip) Oct 24, 2023
An issue in ZPE Systems, Inc Nodegrid OS v.5.8.10 thru v.5.8.13 and v.5.10.3 thru v.5.10.5 allows... High Unreviewed
CVE-2023-44037 was published Oct 14, 2023
The BIG-IP and BIG-IQ systems do not encrypt some sensitive information written to Database (DB)... Moderate Unreviewed
CVE-2023-41964 was published Oct 10, 2023
Plaintext credential usage vulnerability in Sage 200 Spain 2023.38.001 version, the exploitation... Critical Unreviewed
CVE-2023-2809 was published Oct 4, 2023
A flaw was found in Red Hat's AMQ Broker, which stores certain passwords in a secret security... Moderate Unreviewed
CVE-2023-4066 was published Sep 27, 2023
Sensitive information disclosure due to cleartext storage of sensitive information. The following... Moderate Unreviewed
CVE-2023-44159 was published Sep 27, 2023
Sensitive information disclosure due to cleartext storage of sensitive information in memory. The... Low Unreviewed
CVE-2023-44153 was published Sep 27, 2023
Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.5.0.0 and 9.3.0.4,... Moderate Unreviewed
CVE-2023-2358 was published Sep 27, 2023
matrix-synapse vulnerable to temporary storage of plaintext passwords during password changes Low
CVE-2023-41335 was published for matrix-synapse (pip) Sep 26, 2023
A cleartext storage of sensitive information vulnerability [CWE-312] in FortiTester 2.3.0 through... Moderate Unreviewed
CVE-2023-40715 was published Sep 13, 2023
A password management vulnerability in Skyhigh Secure Web Gateway (SWG) in main releases 11.x... Moderate Unreviewed
CVE-2023-4400 was published Sep 13, 2023
An issue was discovered in TSplus Remote Access through 16.0.2.14. Credentials are stored as... Critical Unreviewed
CVE-2023-31069 was published Sep 11, 2023
An information disclosure issue in GitLab EE affecting all versions from 16.2 prior to 16.2.5,... Low Unreviewed
CVE-2023-3950 was published Sep 1, 2023
Possible information exposure through log file vulnerability where sensitive fields are... Moderate Unreviewed
CVE-2023-31423 was published Aug 31, 2023
Brocade SANnav before v2.3.0 and v2.2.2a stores SNMPv3 Authentication passwords in plaintext. A... Moderate Unreviewed
CVE-2023-31925 was published Aug 31, 2023
The firmwaredownload command on Brocade Fabric OS v9.2.0 could log the FTP/SFTP/SCP server... High Unreviewed
CVE-2023-3489 was published Aug 31, 2023
A vulnerability was found in Control iD Gerencia Web 1.30 and classified as problematic. Affected... Low Unreviewed
CVE-2023-4392 was published Aug 17, 2023
An issue was discovered in MariaDB MaxScale before 23.02.3. A user enters an encrypted password... Moderate Unreviewed
CVE-2023-40354 was published Aug 14, 2023
An issue was discovered in SysPasswordDxe in Insyde InsydeH2O with kernel 5.0 through 5.5. System... High Unreviewed
CVE-2023-31041 was published Aug 14, 2023
Cleartext storage of sensitive information in Zoom Client SDK for Windows before 5.15.0 may allow... Moderate Unreviewed
CVE-2023-39210 was published Aug 9, 2023
PHPJabbers Class Scheduling System 1.0 lacks encryption on the password when editing a user... Moderate Unreviewed
CVE-2023-36136 was published Aug 8, 2023
In SAP BusinessObjects Business Intelligence - version 420, If a user logs in to a particular... Moderate Unreviewed
CVE-2023-39440 was published Aug 8, 2023
An issue was discovered in Fujitsu Software Infrastructure Manager (ISM) before 2.8.0.061. The... Moderate Unreviewed
CVE-2023-39903 was published Aug 7, 2023
Connected IO v2.1.0 and prior keeps passwords and credentials in clear-text format, allowing... Critical Unreviewed
CVE-2023-33373 was published Aug 4, 2023
Fujitsu Software Infrastructure Manager (ISM) stores sensitive information at the product's... High Unreviewed
CVE-2023-39379 was published Aug 4, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database