GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,972
Composer 4,285
Erlang 31
GitHub Actions 21
Go 2,056
Maven 5,238
npm 3,741
NuGet 668
pip 3,422
Pub 12
RubyGems 892
Rust 875
Swift 36

Unreviewed advisories

All unreviewed 239,209

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

13 advisories

Filter by severity

Sort by

Least recently updated

Affected devices store the CLI user passwords encrypted in flash memory. Attackers with physical... Moderate Unreviewed

CVE-2022-46142 was published Dec 13, 2022

A Storing Passwords in a Recoverable Format vulnerability in the Schweitzer Engineering... Moderate Unreviewed

CVE-2023-31150 was published May 10, 2023

Pimcore customers' list user password hash is disclosed Moderate

CVE-2023-2881 was published for pimcore/customer-management-framework-bundle (Composer) May 25, 2023

Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.5.0.0 and 9.3.0.4,... Moderate Unreviewed

CVE-2023-2358 was published Sep 27, 2023

IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0... Moderate Unreviewed

CVE-2023-31001 was published Jan 11, 2024

IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in a OpenPages... Moderate Unreviewed

CVE-2023-38738 was published Jan 19, 2024

Use of reversible password encryption algorithm allows attackers to decrypt passwords. ... Moderate Unreviewed

CVE-2024-3543 was published May 2, 2024

Claris International has successfully resolved an issue of potentially exposing password... Moderate Unreviewed

CVE-2023-42955 was published May 14, 2024

The key used to encrypt passwords stored in the database can be found in the CyberPower... Moderate Unreviewed

CVE-2024-32042 was published May 15, 2024

Under certain circumstances the Linux users credentials may be recovered by an authenticated user. Moderate Unreviewed

CVE-2024-32756 was published Jul 2, 2024

Under certain circumstances the web interface users credentials may be recovered by an... Moderate Unreviewed

CVE-2024-32932 was published Jul 2, 2024

A vulnerability in the web-based management interface of Cisco ATA 190 Series Multiplatform... Moderate Unreviewed

CVE-2024-20462 was published Oct 16, 2024

User passwords are decrypted and stored on memory before any user logged in. Those decrypted... Moderate Unreviewed

CVE-2024-32151 was published Nov 26, 2024

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

13 advisories