Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,067
Erlang
29
GitHub Actions
19
Go
1,891
Maven
5,000+
npm
3,624
NuGet
638
pip
3,235
Pub
10
RubyGems
857
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

135 advisories

Loading
An issue was discovered in wolfSSL before 5.7.0. A safe-error attack via Rowhammer, namely FAULT... Moderate Unreviewed
CVE-2024-5288 was published Aug 27, 2024
A vulnerability in Zowe CLI allows local, privileged actors to display securely stored properties... Moderate Unreviewed
CVE-2024-6916 was published Jul 19, 2024
A vulnerability in the web interface in Brocade Fabric OS before v9.2.1, v9.2.0b, and v9.1.1d... Moderate Unreviewed
CVE-2024-29953 was published Jun 26, 2024
udn News Android APP stores the unencrypted user session in the local database when user log into... Low Unreviewed
CVE-2024-6295 was published Jun 25, 2024
Keycloak exposes sensitive information in Pushed Authorization Requests (PAR) High
CVE-2024-4540 was published for org.keycloak:keycloak-services (Maven) Jun 10, 2024
mschallar
Insecure Storage of Sensitive Information vulnerability in WPMU DEV Defender Security allows :... Moderate Unreviewed
CVE-2022-44581 was published May 17, 2024
SAP Business Objects Business Intelligence Platform is vulnerable to Insecure Storage as dynamic... Moderate Unreviewed
CVE-2024-33004 was published May 14, 2024
Exposure of Sensitive Information vulnerability exists in the GSLB container, which may allow an... Moderate Unreviewed
CVE-2024-28132 was published May 8, 2024
An issue in CmsEasy v.7.7 and before allows a remote attacker to obtain sensitive information via... Low Unreviewed
CVE-2024-32236 was published Apr 25, 2024
An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to cause a... High Unreviewed
CVE-2024-22808 was published Apr 22, 2024
In Brocade SANnav before v2.3.1, and v2.3.0a, it is possible to back up the appliance from the... Moderate Unreviewed
CVE-2024-29965 was published Apr 19, 2024
This issue was addressed through improved state management. This issue is fixed in macOS Sonoma... High Unreviewed
CVE-2023-42913 was published Mar 28, 2024
Insecure storage of LDAP passwords in the authentication functionality of AVSystem Unified... Moderate Unreviewed
CVE-2024-25655 was published Mar 18, 2024
A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4... Unknown Unreviewed
CVE-2024-28069 was published Mar 16, 2024
The encrypted subject of an email message could be incorrectly and permanently assigned to an... High Unreviewed
CVE-2024-1936 was published Mar 5, 2024
in OpenHarmony v3.2.4 and prior versions allow a local attacker cause sensitive information leak... Moderate Unreviewed
CVE-2024-21826 was published Mar 4, 2024
Apache Solr's Streaming Expressions allow users to extract data from other Solr Clouds Moderate
CVE-2023-50298 was published for org.apache.solr:solr-solrj (Maven) Feb 9, 2024
DanielRuf
Intelbras Roteador ACtion RF 1200 1.2.2 esposes the Password in Cookie resulting in Login Bypass. High Unreviewed
CVE-2024-22773 was published Feb 6, 2024
vantage6 may create unencrypted tasks in encrypted collaboration Low
CVE-2024-22193 was published for vantage6 (pip) Jan 30, 2024
Insecure Permissiosn vulnerability in TP Link TC70 and C200 WIFI Camera v.3 firmware v.1.3.4 and... Moderate Unreviewed
CVE-2023-49515 was published Jan 17, 2024
Users’ product account authentication data was stored in clear text in The Genie Company Aladdin... Moderate Unreviewed
CVE-2023-5879 was published Jan 3, 2024
IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 is vulnerable to... High Unreviewed
CVE-2023-45182 was published Dec 14, 2023
IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 could allow an... Moderate Unreviewed
CVE-2023-45184 was published Dec 14, 2023
Logging of the firestore key within nodejs-firestore Moderate
CVE-2023-6460 was published for @google-cloud/firestore (npm) Dec 4, 2023
A saved encryption key in the Uninstaller in Digital Guardian's Agent before version 7.9.4 allows... Moderate Unreviewed
CVE-2023-6253 was published Nov 22, 2023
ProTip! Advisories are also available from the GraphQL API