Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,299
Erlang
31
GitHub Actions
21
Go
2,064
Maven
5,000+
npm
3,744
NuGet
668
pip
3,424
Pub
12
RubyGems
892
Rust
877
Swift
36
Unreviewed advisories
All unreviewed
5,000+

177 advisories

Loading
mRemoteNG configuration files can be stored in an encrypted state on disk. mRemoteNG version <=... High Unreviewed
CVE-2023-30367 was published Jul 26, 2023
Weave GitOps Terraform Controller Information Disclosure Vulnerability High
CVE-2023-34236 was published for github.com/weaveworks/tf-controller (Go) Jul 14, 2023
greenu
An issue found in ALBIS Co. ALBIS v.13.6.1 allows a remote attacker to gain access to sensitive... High Unreviewed
CVE-2023-31821 was published Jul 13, 2023
Cleartext Storage of Sensitive Information in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214... High Unreviewed
CVE-2023-31408 was published Jul 6, 2023
HashiCorp Boundary Workers Store Rotated Credentials in Plaintext Even When Key Management Service Configured High
CVE-2023-0690 was published for github.com/hashicorp/boundary (Go) Jul 6, 2023
An access control issue in Makves DCAP v3.0.0.122 allows unauthenticated attackers to obtain... High Unreviewed
CVE-2023-27243 was published Jun 21, 2023
Atlas Copco Power Focus 6000 web server does not sanitize the login information stored by the... High Unreviewed
CVE-2023-1897 was published Jun 12, 2023
The Danfoss AK-EM100 stores login credentials in cleartext. High Unreviewed
CVE-2023-22584 was published Jun 11, 2023
Bitwarden Desktop v1.20.0 and above stores the biometric key in plaintext which allows a local... High Unreviewed
CVE-2023-27706 was published Jun 9, 2023
Plaintext storage of a password exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3.... High Unreviewed
CVE-2023-28713 was published Jun 1, 2023
Data written to GitHub Actions Cache may expose secrets High
CVE-2023-30853 was published for gradle/gradle-build-action (GitHub Actions) May 1, 2023
bigdaz
Plaintext Password in Registry vulnerability in 42gears surelock windows surelockwinsetupv2.40... High Unreviewed
CVE-2023-2335 was published Apr 27, 2023
Ribose RNP before 0.16.3 sometimes lets secret keys remain unlocked after use. High Unreviewed
CVE-2023-29480 was published Apr 24, 2023
EnterpriseDB EDB Postgres Advanced Server (EPAS) before 14.6.0 logs unredacted passwords in... High Unreviewed
CVE-2023-31043 was published Apr 23, 2023
Strapi leaking sensitive user information by filtering on private fields High
CVE-2023-22894 was published for @strapi/strapi (npm) Apr 19, 2023
derrickmehaffy Ccamm
Convly Marc-Roig
CENTUM series provided by Yokogawa Electric Corporation are vulnerable to cleartext storage of... High Unreviewed
CVE-2023-26593 was published Apr 11, 2023
A vulnerability was found in Xunrui CMS 4.61 and classified as problematic. Affected by this... High Unreviewed
CVE-2023-1683 was published Mar 29, 2023
Sme.UP ERP TOKYO V6R1M220406 was discovered to contain an information disclosure vulnerability... High Unreviewed
CVE-2023-26760 was published Feb 27, 2023
IBM QRadar SIEM 7.4 and 7.5 is vulnerable to information exposure allowing a non-tenant user with... High Unreviewed
CVE-2022-34351 was published Feb 17, 2023
IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 could allow a remote attacker to obtain sensitive... High Unreviewed
CVE-2022-41734 was published Feb 17, 2023
Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs ... High Unreviewed
CVE-2022-34388 was published Feb 11, 2023
Phicomm K2 v22.6.534.263 was discovered to store the root and admin passwords in plaintext. High Unreviewed
CVE-2022-48071 was published Jan 27, 2023
Phicomm K2 v22.6.534.263 was discovered to store the root and admin passwords in plaintext. High Unreviewed
CVE-2022-48073 was published Jan 27, 2023
Devise Gem for Ruby Unauthorized Access Using "Remember Me" Cookie High
CVE-2015-8314 was published for devise (RubyGems) Jan 26, 2023
Plaintext storage of sensitive data in Rancher API and cluster.management.cattle.io objects High
CVE-2022-43757 was published for github.com/rancher/rancher (Go) Jan 25, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database