GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,132
Erlang
29
GitHub Actions
19
Go
1,937
Maven
5,000+
npm
3,676
NuGet
642
pip
3,292
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
70 advisories
Filter by severity
Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: User...
Moderate
Unreviewed
CVE-2024-21258
was published
Oct 15, 2024
In the goTenna Pro ATAK Plugin application, the encryption keys are
stored along with a static...
Moderate
Unreviewed
CVE-2024-45374
was published
Sep 26, 2024
In the goTenna Pro application, the encryption keys are stored along with a static IV on the...
Moderate
Unreviewed
CVE-2024-47122
was published
Sep 26, 2024
SAP Business Objects Business Intelligence Platform is vulnerable to Insecure Storage as dynamic...
Moderate
Unreviewed
CVE-2024-33004
was published
May 14, 2024
In the goTenna Pro ATAK Plugin application, the encryption keys are
stored along with a static...
Moderate
Unreviewed
CVE-2024-43694
was published
Sep 26, 2024
Insecure storage of LDAP passwords in the authentication functionality of AVSystem Unified...
Moderate
Unreviewed
CVE-2024-25655
was published
Mar 18, 2024
An issue was discovered in wolfSSL before 5.7.0. A safe-error attack via Rowhammer, namely FAULT...
Moderate
Unreviewed
CVE-2024-5288
was published
Aug 27, 2024
A vulnerability in Zowe CLI allows local, privileged actors to display securely stored properties...
Moderate
Unreviewed
CVE-2024-6916
was published
Jul 19, 2024
Apache Solr's Streaming Expressions allow users to extract data from other Solr Clouds
Moderate
CVE-2023-50298
was published
for
org.apache.solr:solr-solrj
(Maven)
Feb 9, 2024
Spoofing attack in swagger-ui
Moderate
CVE-2018-25031
was published
for
swagger-ui
(npm)
Mar 12, 2022
Insecure Permissiosn vulnerability in TP Link TC70 and C200 WIFI Camera v.3 firmware v.1.3.4 and...
Moderate
Unreviewed
CVE-2023-49515
was published
Jan 17, 2024
An information disclosure vulnerability exists when attaching files to Outlook messages, aka ...
Moderate
Unreviewed
CVE-2020-1493
was published
May 24, 2022
A vulnerability in the web interface in Brocade Fabric OS before v9.2.1, v9.2.0b, and v9.1.1d...
Moderate
Unreviewed
CVE-2024-29953
was published
Jun 26, 2024
Insecure Storage of Sensitive Information vulnerability in WPMU DEV Defender Security allows :...
Moderate
Unreviewed
CVE-2022-44581
was published
May 17, 2024
Exposure of Sensitive Information vulnerability exists in the GSLB container, which may allow an...
Moderate
Unreviewed
CVE-2024-28132
was published
May 8, 2024
In Brocade SANnav before v2.3.1, and v2.3.0a, it is possible to back up the appliance from the...
Moderate
Unreviewed
CVE-2024-29965
was published
Apr 19, 2024
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow a local user with specific information...
Moderate
Unreviewed
CVE-2023-29261
was published
Sep 5, 2023
Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode...
Moderate
Unreviewed
CVE-2023-28864
was published
Jul 17, 2023
Anonymous user may get the list of existing users managed by the application, that could ease...
Moderate
Unreviewed
CVE-2023-3064
was published
Jun 5, 2023
A Storing Passwords in a Recoverable Format vulnerability in the Schweitzer Engineering...
Moderate
Unreviewed
CVE-2023-31150
was published
May 10, 2023
IBM UrbanCode Deploy (UCD) versions up to 7.3.0.1 could disclose sensitive password information...
Moderate
Unreviewed
CVE-2022-43877
was published
May 6, 2023
The JetBrains Vim plugin before version 0.52 was storing individual project data in the global...
Moderate
Unreviewed
CVE-2019-14957
was published
May 24, 2022
In KeyStore, there is a possible storage of symmetric keys in the TEE instead of the strongbox...
Moderate
Unreviewed
CVE-2019-9253
was published
May 24, 2022
An insecure storage of sensitive information vulnerability is present in Hickory Smart for iOS...
Moderate
Unreviewed
CVE-2019-5633
was published
May 24, 2022
in OpenHarmony v3.2.4 and prior versions allow a local attacker cause sensitive information leak...
Moderate
Unreviewed
CVE-2024-21826
was published
Mar 4, 2024
ProTip!
Advisories are also available from the
GraphQL API