GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,132
Erlang
29
GitHub Actions
19
Go
1,937
Maven
5,000+
npm
3,676
NuGet
642
pip
3,292
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
143 advisories
Filter by severity
Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: User...
Moderate
Unreviewed
CVE-2024-21258
was published
Oct 15, 2024
An issue in Plug n Play Camera com.wisdomcity.zwave 1.1.0 allows a remote attacker to obtain...
High
Unreviewed
CVE-2024-48770
was published
Oct 11, 2024
In the goTenna Pro application, the encryption keys are stored along with a static IV on the...
Moderate
Unreviewed
CVE-2024-47122
was published
Sep 26, 2024
In the goTenna Pro ATAK Plugin application, the encryption keys are
stored along with a static...
Moderate
Unreviewed
CVE-2024-43694
was published
Sep 26, 2024
In the goTenna Pro ATAK Plugin application, the encryption keys are
stored along with a static...
Moderate
Unreviewed
CVE-2024-45374
was published
Sep 26, 2024
Maven Archetype Plugin: Maven Archetype integration-test may package local settings into the published artifact, possibly containing credentials
Low
CVE-2024-47197
was published
for
org.apache.maven.plugins:maven-archetype-plugin
(Maven)
Sep 26, 2024
An issue was discovered in wolfSSL before 5.7.0. A safe-error attack via Rowhammer, namely FAULT...
Moderate
Unreviewed
CVE-2024-5288
was published
Aug 27, 2024
A vulnerability in Zowe CLI allows local, privileged actors to display securely stored properties...
Moderate
Unreviewed
CVE-2024-6916
was published
Jul 19, 2024
A vulnerability in the web interface in Brocade Fabric OS before v9.2.1, v9.2.0b, and v9.1.1d...
Moderate
Unreviewed
CVE-2024-29953
was published
Jun 26, 2024
udn News Android APP stores the unencrypted user session in the local database when user log into...
Low
Unreviewed
CVE-2024-6295
was published
Jun 25, 2024
rke's credentials are stored in the RKE1 Cluster state ConfigMap
Critical
CVE-2023-32191
was published
for
github.com/rancher/rke
(Go)
Jun 17, 2024
Keycloak exposes sensitive information in Pushed Authorization Requests (PAR)
High
CVE-2024-4540
was published
for
org.keycloak:keycloak-services
(Maven)
Jun 10, 2024
Insecure Storage of Sensitive Information vulnerability in WPMU DEV Defender Security allows :...
Moderate
Unreviewed
CVE-2022-44581
was published
May 17, 2024
SAP Business Objects Business Intelligence Platform is vulnerable to Insecure Storage as dynamic...
Moderate
Unreviewed
CVE-2024-33004
was published
May 14, 2024
Exposure of Sensitive Information vulnerability exists in the GSLB container, which may allow an...
Moderate
Unreviewed
CVE-2024-28132
was published
May 8, 2024
An issue in CmsEasy v.7.7 and before allows a remote attacker to obtain sensitive information via...
Low
Unreviewed
CVE-2024-32236
was published
Apr 25, 2024
An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to cause a...
High
Unreviewed
CVE-2024-22808
was published
Apr 22, 2024
An information disclosure vulnerability exists in Brocade SANnav before v2.3.1 and v2.3.0a when...
High
Unreviewed
CVE-2024-29968
was published
Apr 19, 2024
In Brocade SANnav before v2.3.1, and v2.3.0a, it is possible to back up the appliance from the...
Moderate
Unreviewed
CVE-2024-29965
was published
Apr 19, 2024
This issue was addressed through improved state management. This issue is fixed in macOS Sonoma...
High
Unreviewed
CVE-2023-42913
was published
Mar 28, 2024
Insecure storage of LDAP passwords in the authentication functionality of AVSystem Unified...
Moderate
Unreviewed
CVE-2024-25655
was published
Mar 18, 2024
A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4...
Unknown
Unreviewed
CVE-2024-28069
was published
Mar 16, 2024
The encrypted subject of an email message could be incorrectly and permanently assigned to an...
High
Unreviewed
CVE-2024-1936
was published
Mar 5, 2024
in OpenHarmony v3.2.4 and prior versions allow a local attacker cause sensitive information leak...
Moderate
Unreviewed
CVE-2024-21826
was published
Mar 4, 2024
Apache Solr's Streaming Expressions allow users to extract data from other Solr Clouds
Moderate
CVE-2023-50298
was published
for
org.apache.solr:solr-solrj
(Maven)
Feb 9, 2024
ProTip!
Advisories are also available from the
GraphQL API