GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
275 advisories
Filter by severity
A cleartext transmission of sensitive information vulnerability exists in curl <v7.88.0 that...
Moderate
Unreviewed
CVE-2023-23915
was published
Feb 23, 2023
A cleartext transmission vulnerability exists in the Remote Management functionality of Netgear...
Moderate
Unreviewed
CVE-2022-38458
was published
Mar 21, 2023
An authenticated malicious user could acquire the simple mail transfer protocol (SMTP) Password...
Moderate
Unreviewed
CVE-2023-27927
was published
Mar 27, 2023
An issue has been discovered in GitLab DAST API scanner affecting all versions starting from 1.6...
Moderate
Unreviewed
CVE-2023-1648
was published
Mar 28, 2023
The Samba AD DC administration tool, when operating against a remote LDAP server, will by default...
Moderate
Unreviewed
CVE-2023-0922
was published
Apr 4, 2023
Jenkins Kubernetes Plugin does not properly mask credentials
Moderate
CVE-2023-30513
was published
for
org.csanchez.jenkins.plugins:kubernetes
(Maven)
Apr 12, 2023
Jenkins Azure Key Vault Plugin does not properly mask credentials
Moderate
CVE-2023-30514
was published
for
org.jenkins-ci.plugins:azure-keyvault
(Maven)
Apr 12, 2023
Jenkins Thycotic DevOps Secrets Vault Plugin does not properly mask credentials
Moderate
CVE-2023-30515
was published
for
io.jenkins.plugins:thycotic-devops-secrets-vault
(Maven)
Apr 12, 2023
An issue was discovered in GitLab Community and Enterprise Edition before 11.11.8, 12 before 12.0...
Moderate
Unreviewed
CVE-2019-14942
was published
Apr 16, 2023
Ironic and ironic-inspector may expose as ConfigMaps
Moderate
CVE-2023-30841
was published
for
github.com/metal3-io/baremetal-operator
(Go)
Apr 26, 2023
Cleartext Transmission in cookie:ecos_pw: in Tenda N301 v6.0, firmware v12.03.01.06_pt allows an...
Moderate
Unreviewed
CVE-2023-29681
was published
May 2, 2023
Cleartext Transmission in set-cookie:ecos_pw: Tenda N301 v6.0, Firmware v12.02.01.61_multi allows...
Moderate
Unreviewed
CVE-2023-29680
was published
May 2, 2023
Cleartext transmission of sensitive information exists in SkyBridge MB-A100/110 firmware Ver. 4.2...
Moderate
Unreviewed
CVE-2023-25070
was published
May 10, 2023
Cleartext Transmission of Sensitive Information vulnerability in ABB Terra AC wallbox (UL40/80A),...
Moderate
Unreviewed
CVE-2023-0864
was published
May 17, 2023
html inputs of type password recorded in plaintext when converted to text inputs
Moderate
CVE-2023-33187
was published
for
highlight.run
(npm)
May 26, 2023
IBM Maximo Application Suite - Manage Component 8.8.0 and 8.9.0 transmits sensitive information...
Moderate
Unreviewed
CVE-2023-27861
was published
Jun 5, 2023
A cleartext transmission of sensitive information vulnerability [CWE-319] in Fortinet FortiOS...
Moderate
Unreviewed
CVE-2022-41327
was published
Jun 13, 2023
ASUS Router RT-AX3000 Firmware versions prior to 3.0.0.4.388.23403 uses sensitive cookies without...
Moderate
Unreviewed
CVE-2023-31195
was published
Jun 13, 2023
An issue was discovered in YSoft SAFEQ 6 Server before 6.0.82. When modifying the URL of the LDAP...
Moderate
Unreviewed
CVE-2023-35833
was published
Jul 13, 2023
An issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client...
Moderate
Unreviewed
CVE-2023-36672
was published
Aug 10, 2023
An issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client...
Moderate
Unreviewed
CVE-2023-36671
was published
Aug 10, 2023
A cleartext transmission of sensitive information vulnerability has been reported to affect QNAP...
Moderate
Unreviewed
CVE-2023-34972
was published
Aug 24, 2023
ArcGIS Enterprise Server versions 11.0 and below have an information disclosure...
Moderate
Unreviewed
CVE-2023-25848
was published
Aug 25, 2023
IBM Aspera Faspex 5.0.5 transmits sensitive information in cleartext which could be obtained by...
Moderate
Unreviewed
CVE-2023-22870
was published
Sep 5, 2023
** UNSUPPPORTED WHEN ASSIGNED ** The lack of web request control on ekorCCP and ekorRCI devices...
Moderate
Unreviewed
CVE-2022-47560
was published
Sep 20, 2023
ProTip!
Advisories are also available from the
GraphQL API