GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
462 advisories
A flaw was found in OpenStack. Multiple components show plain-text passwords in /var/log/messages...
Severity: High (Unreviewed). CVE-2022-3261 was published Sep 15, 2023.

A vulnerability has been identified in QMS Automotive (All versions < V12.39). The affected...
Severity: High (Unreviewed). CVE-2023-40729 was published Sep 14, 2023.

An authentication bypass vulnerability exists in the OAS Engine functionality of Open Automation...
Severity: High (Unreviewed). CVE-2023-34998 was published Sep 5, 2023.

IBM Aspera Faspex 5.0.5 transmits sensitive information in cleartext which could be obtained by...
Severity: Moderate (Unreviewed). CVE-2023-22870 was published Sep 5, 2023.

ArcGIS Enterprise Server versions 11.0 and below have an information disclosure...
Severity: Moderate (Unreviewed). CVE-2023-25848 was published Aug 25, 2023.

A cleartext transmission of sensitive information vulnerability has been reported to affect QNAP...
Severity: Moderate (Unreviewed). CVE-2023-34972 was published Aug 24, 2023.

An issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client...
Severity: Moderate (Unreviewed). CVE-2023-36672 was published Aug 10, 2023.

An issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client...
Severity: Moderate (Unreviewed). CVE-2023-36671 was published Aug 10, 2023.

An issue was discovered in Avira Phantom VPN through 2.23.1 for macOS. The VPN client insecurely...
Severity: High (Unreviewed). CVE-2023-36673 was published Aug 10, 2023.

ASUS RT-AC66U B1 3.0.0.4.286_51665 was discovered to transmit sensitive information in cleartext.
Severity: High (Unreviewed). CVE-2023-39086 was published Aug 8, 2023.

A vulnerability was found in Intergard SGS 8.7.0. It has been declared as problematic. This...
Severity: Low (Unreviewed). CVE-2023-3763 was published Jul 19, 2023.

A vulnerability was found in Intergard SGS 8.7.0 and classified as problematic. Affected by this...
Severity: Low (Unreviewed). CVE-2023-3761 was published Jul 19, 2023.

Cleartext Transmission of Sensitive Information vulnerability in Hitachi Device Manager on...
Severity: High (Unreviewed). CVE-2023-34142 was published Jul 18, 2023.

An insecure connection between Systems Manager and CQI Reporter application could expose infusion...
Severity: Low (Unreviewed). CVE-2023-30565 was published Jul 13, 2023.

An issue was discovered in YSoft SAFEQ 6 Server before 6.0.82. When modifying the URL of the LDAP...
Severity: Moderate (Unreviewed). CVE-2023-35833 was published Jul 13, 2023.

An issue found in Marui Co Marui Official app v.13.6.1 allows a remote attacker to gain access to...
Severity: High (Unreviewed). CVE-2023-31823 was published Jul 13, 2023.

Cleartext Transmission of Sensitive Information in the SICK ICR890-4 could allow a remote...
Severity: High (Unreviewed). CVE-2023-3272 was published Jul 10, 2023.

Hitron Technologies CODA-5310’s Telnet function transfers sensitive data in plaintext. An...
Severity: High (Unreviewed). CVE-2023-30602 was published Jul 6, 2023.

Mattermost fails to redact from audit logs the user password during user creation and the user...
Severity: High (Unreviewed). CVE-2023-1831 was published Jul 6, 2023.

SAUTER Controls Nova 200–220 Series with firmware version 3.3-006 and prior and BACnetstac...
Severity: High (Unreviewed). CVE-2023-0053 was published Jul 6, 2023.

The physical IoT device of the AliveCor's KardiaMobile, a smartphone-based personal...
Severity: High (Unreviewed). CVE-2022-41627 was published Jul 6, 2023.

there is a possible use of unencrypted transport over cellular networks due to an insecure...
Severity: High (Unreviewed). CVE-2023-21219 was published Jun 28, 2023.

there is a possible use of unencrypted transport over cellular networks due to an insecure...
Severity: High (Unreviewed). CVE-2023-21220 was published Jun 28, 2023.

A remote unprivileged attacker can intercept the communication via e.g. Man-In-The-Middle, due to...
Severity: High (Unreviewed). CVE-2023-31410 was published Jun 19, 2023.

SolarWinds Serv-U is submitting an HTTP request when changing or updating the attributes for File...
Severity: High (Unreviewed). CVE-2023-23841 was published Jun 16, 2023.

ProTip! Advisories are also available from the GraphQL API.