GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,237
Erlang: 31
GitHub Actions: 20
Go: 2,000
Maven: 5,000+
npm: 3,711
NuGet: 661
pip: 3,383
Pub: 11
RubyGems: 885
Rust: 849
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
823 advisories
Eaton easySoft software is used to program easy controllers and displays for configuring,...
Moderate
Unreviewed
CVE-2023-43777 was published Oct 17, 2023
SnapGathers versions prior to 4.9 are susceptible to a vulnerability which could allow a local...
Moderate
Unreviewed
CVE-2023-27315 was published Oct 12, 2023
BigFix Insights for Vulnerability Remediation (IVR) uses weak cryptography that can lead to...
High
Unreviewed
CVE-2022-44757 was published Oct 11, 2023
BigFix Insights/IVR fixlet uses improper credential handling within certain fixlet content. An...
Moderate
Unreviewed
CVE-2022-44758 was published Oct 11, 2023
Certain credentials within the BigFix Patch Management Download Plug-ins are stored insecurely...
Moderate
Unreviewed
CVE-2022-42451 was published Oct 11, 2023
An insufficiently protected credentials vulnerability has been reported to affect QVPN Device...
Moderate
Unreviewed
CVE-2023-23370 was published Oct 6, 2023
Sensitive information disclosure due to insufficient token field masking. The following products...
Low
Unreviewed
CVE-2023-44158 was published Sep 27, 2023
On boot, the Pillar eve container checks for the existence and content of “/config...
High
Unreviewed
CVE-2023-43631 was published Sep 21, 2023
On boot, the Pillar eve container checks for the existence and content of “/config/GlobalConfig...
High
Unreviewed
CVE-2023-43633 was published Sep 21, 2023
When sealing/unsealing the “vault” key, a list of PCRs is used, which defines which PCRs are...
High
Unreviewed
CVE-2023-43634 was published Sep 21, 2023
PCR14 is not in the list of PCRs that seal/unseal the “vault” key, but due to the change that was...
High
Unreviewed
CVE-2023-43630 was published Sep 20, 2023
** UNSUPPORTED WHEN ASSIGNED ** The web application stores credentials in clear text in the ...
Moderate
Unreviewed
CVE-2022-47561 was published Sep 20, 2023
NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause insufficient...
High
Unreviewed
CVE-2023-25532 was published Sep 20, 2023
NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause insufficient...
Critical
Unreviewed
CVE-2023-25531 was published Sep 20, 2023
Insecure Permissions vulnerability in Sichuan Tianyi Kanghe Communication Co., Ltd China Telecom...
Moderate
Unreviewed
CVE-2023-41010 was published Sep 14, 2023
IBM Sterling Secure Proxy and IBM Sterling External Authentication Server 6.0.3 and 6.1.0 stores...
Moderate
Unreviewed
CVE-2023-32338 was published Sep 5, 2023
A pass-back vulnerability exists where an authenticated, remote attacker with administrator...
Moderate
Unreviewed
CVE-2023-3251 was published Aug 29, 2023
An issue was discovered in Fresenius Kabi PharmaHelp 5.1.759.0 allows attackers to gain escalated...
Critical
Unreviewed
CVE-2022-45611 was published Aug 22, 2023
Incorrect access control in Zoho ManageEngine ADManager Plus Build 7180 allows unauthenticated...
Moderate
Unreviewed
CVE-2023-31492 was published Aug 18, 2023
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys...
Moderate
Unreviewed
CVE-2023-4327 was published Aug 15, 2023
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys...
Moderate
Unreviewed
CVE-2023-4328 was published Aug 15, 2023
In processMessageImpl of ClientModeImpl.java, there is a possible credential disclosure in the...
Critical
Unreviewed
CVE-2023-20965 was published Aug 14, 2023
An issue in GatesAir Flexiva FM Transmitter/Exciter Fax 150W allows a remote attacker to gain...
Critical
Unreviewed
CVE-2023-36082 was published Aug 3, 2023
Insufficient policy enforcement in Intents in Google Chrome on Android prior to 109.0.5414.119...
Moderate
Unreviewed
CVE-2022-4926 was published Jul 29, 2023
Plaintext Storage of a Password vulnerability in Infodrom Software E-Invoice Approval System...
High
Unreviewed
CVE-2023-35067 was published Jul 25, 2023
ProTip! Advisories are also available from the GraphQL API.