GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,132
Erlang
29
GitHub Actions
19
Go
1,937
Maven
5,000+
npm
3,676
NuGet
642
pip
3,292
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
70 advisories
Filter by severity
Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: User...
Moderate
Unreviewed
CVE-2024-21258
was published
Oct 15, 2024
In the goTenna Pro ATAK Plugin application, the encryption keys are
stored along with a static...
Moderate
Unreviewed
CVE-2024-43694
was published
Sep 26, 2024
In the goTenna Pro ATAK Plugin application, the encryption keys are
stored along with a static...
Moderate
Unreviewed
CVE-2024-45374
was published
Sep 26, 2024
In the goTenna Pro application, the encryption keys are stored along with a static IV on the...
Moderate
Unreviewed
CVE-2024-47122
was published
Sep 26, 2024
An issue was discovered in wolfSSL before 5.7.0. A safe-error attack via Rowhammer, namely FAULT...
Moderate
Unreviewed
CVE-2024-5288
was published
Aug 27, 2024
A vulnerability in Zowe CLI allows local, privileged actors to display securely stored properties...
Moderate
Unreviewed
CVE-2024-6916
was published
Jul 19, 2024
A vulnerability in the web interface in Brocade Fabric OS before v9.2.1, v9.2.0b, and v9.1.1d...
Moderate
Unreviewed
CVE-2024-29953
was published
Jun 26, 2024
Insecure Storage of Sensitive Information vulnerability in WPMU DEV Defender Security allows :...
Moderate
Unreviewed
CVE-2022-44581
was published
May 17, 2024
SAP Business Objects Business Intelligence Platform is vulnerable to Insecure Storage as dynamic...
Moderate
Unreviewed
CVE-2024-33004
was published
May 14, 2024
Exposure of Sensitive Information vulnerability exists in the GSLB container, which may allow an...
Moderate
Unreviewed
CVE-2024-28132
was published
May 8, 2024
In Brocade SANnav before v2.3.1, and v2.3.0a, it is possible to back up the appliance from the...
Moderate
Unreviewed
CVE-2024-29965
was published
Apr 19, 2024
Insecure storage of LDAP passwords in the authentication functionality of AVSystem Unified...
Moderate
Unreviewed
CVE-2024-25655
was published
Mar 18, 2024
in OpenHarmony v3.2.4 and prior versions allow a local attacker cause sensitive information leak...
Moderate
Unreviewed
CVE-2024-21826
was published
Mar 4, 2024
Apache Solr's Streaming Expressions allow users to extract data from other Solr Clouds
Moderate
CVE-2023-50298
was published
for
org.apache.solr:solr-solrj
(Maven)
Feb 9, 2024
Insecure Permissiosn vulnerability in TP Link TC70 and C200 WIFI Camera v.3 firmware v.1.3.4 and...
Moderate
Unreviewed
CVE-2023-49515
was published
Jan 17, 2024
Users’ product account authentication data was stored in clear text in The Genie Company Aladdin...
Moderate
Unreviewed
CVE-2023-5879
was published
Jan 3, 2024
IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 could allow an...
Moderate
Unreviewed
CVE-2023-45184
was published
Dec 14, 2023
Logging of the firestore key within nodejs-firestore
Moderate
CVE-2023-6460
was published
for
@google-cloud/firestore
(npm)
Dec 4, 2023
A saved encryption key in the Uninstaller in Digital Guardian's Agent before version 7.9.4 allows...
Moderate
Unreviewed
CVE-2023-6253
was published
Nov 22, 2023
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow a local user with specific information...
Moderate
Unreviewed
CVE-2023-29261
was published
Sep 5, 2023
Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode...
Moderate
Unreviewed
CVE-2023-28864
was published
Jul 17, 2023
Anonymous user may get the list of existing users managed by the application, that could ease...
Moderate
Unreviewed
CVE-2023-3064
was published
Jun 5, 2023
A Storing Passwords in a Recoverable Format vulnerability in the Schweitzer Engineering...
Moderate
Unreviewed
CVE-2023-31150
was published
May 10, 2023
IBM UrbanCode Deploy (UCD) versions up to 7.3.0.1 could disclose sensitive password information...
Moderate
Unreviewed
CVE-2022-43877
was published
May 6, 2023
Publify Core does not strip metadata from images
Moderate
CVE-2022-2815
was published
for
publify_core
(RubyGems)
Jan 14, 2023
ProTip!
Advisories are also available from the
GraphQL API