Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,055
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,605
NuGet
638
pip
3,208
Pub
10
RubyGems
852
Rust
816
Swift
35
Unreviewed advisories
All unreviewed
5,000+

485 advisories

Loading
An issue was discovered in SysPasswordDxe in Insyde InsydeH2O with kernel 5.0 through 5.5. System... High Unreviewed
CVE-2023-31041 was published Aug 14, 2023
Cleartext storage of sensitive information in Zoom Client SDK for Windows before 5.15.0 may allow... Moderate Unreviewed
CVE-2023-39210 was published Aug 9, 2023
PHPJabbers Class Scheduling System 1.0 lacks encryption on the password when editing a user... Moderate Unreviewed
CVE-2023-36136 was published Aug 8, 2023
An issue was discovered in Fujitsu Software Infrastructure Manager (ISM) before 2.8.0.061. The... Moderate Unreviewed
CVE-2023-39903 was published Aug 7, 2023
Connected IO v2.1.0 and prior keeps passwords and credentials in clear-text format, allowing... Critical Unreviewed
CVE-2023-33373 was published Aug 4, 2023
Fujitsu Software Infrastructure Manager (ISM) stores sensitive information at the product's... High Unreviewed
CVE-2023-39379 was published Aug 4, 2023
Assmann Digitus Plug&View IP Camera family allows unauthenticated attackers to download a copy of... High Unreviewed
CVE-2023-30146 was published Aug 4, 2023
Element55 KnowMore appliances version 21 and older was discovered to store passwords in plaintext. High Unreviewed
CVE-2023-39144 was published Aug 3, 2023
TeleAdapt RoomCast TA-2400 1.0 through 3.1 suffers from Cleartext Storage of Sensitive... High Unreviewed
CVE-2023-33742 was published Jul 27, 2023
mRemoteNG configuration files can be stored in an encrypted state on disk. mRemoteNG version <=... High Unreviewed
CVE-2023-30367 was published Jul 26, 2023
Dell Wyse ThinOS versions prior to 2303 (9.4.1141) contain a sensitive information disclosure... Moderate Unreviewed
CVE-2023-32446 was published Jul 20, 2023
Dell Wyse ThinOS versions prior to 2306 (9.4.2103) contain a sensitive information disclosure... Moderate Unreviewed
CVE-2023-32447 was published Jul 20, 2023
Dell Wyse ThinOS versions prior to 2208 (9.3.2102) contain a sensitive information disclosure... Moderate Unreviewed
CVE-2023-32455 was published Jul 20, 2023
Wyse Management Suite versions prior to 4.0 contain a sensitive information disclosure... Moderate Unreviewed
CVE-2023-32483 was published Jul 20, 2023
A vulnerability was found in Intergard SGS 8.7.0. It has been classified as problematic. This... Moderate Unreviewed
CVE-2023-3762 was published Jul 19, 2023
Weave GitOps Terraform Controller Information Disclosure Vulnerability High
CVE-2023-34236 was published for github.com/weaveworks/tf-controller (Go) Jul 14, 2023
greenu
An issue found in ALBIS Co. ALBIS v.13.6.1 allows a remote attacker to gain access to sensitive... High Unreviewed
CVE-2023-31821 was published Jul 13, 2023
A vulnerability in the logging component of Cisco Duo Authentication Proxy could allow an... Moderate Unreviewed
CVE-2023-20207 was published Jul 12, 2023
A clear text storage of sensitive information (CWE-312) vulnerability in both FortiGate version 6... Low Unreviewed
CVE-2022-22302 was published Jul 11, 2023
Cleartext Storage on Disk in the SICK ICR890-4 could allow an unauthenticated attacker with... Moderate Unreviewed
CVE-2023-35699 was published Jul 10, 2023
Cleartext Storage of Sensitive Information in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214... High Unreviewed
CVE-2023-31408 was published Jul 6, 2023
HashiCorp Boundary Workers Store Rotated Credentials in Plaintext Even When Key Management Service Configured High
CVE-2023-0690 was published for github.com/hashicorp/boundary (Go) Jul 6, 2023
A vulnerability exists in the Intelligent Electronic Device (IED) Connectivity Package (ConnPack)... Moderate Unreviewed
CVE-2022-2513 was published Jul 6, 2023
?All versions of the TWinSoft Configuration Tool store encrypted passwords as plaintext in... Moderate Unreviewed
CVE-2023-3395 was published Jul 3, 2023
An access control issue in Makves DCAP v3.0.0.122 allows unauthenticated attackers to obtain... High Unreviewed
CVE-2023-27243 was published Jun 21, 2023
ProTip! Advisories are also available from the GraphQL API