Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+

164 advisories

Loading
The Simple History plugin for WordPress is vulnerable to sensitive data exposure via Detective... Moderate Unreviewed
CVE-2025-5760 was published Jun 6, 2025
A vulnerability exists in the SOAP Web services of the Asset Suite versions listed below. If... Critical Unreviewed
CVE-2025-2500 was published May 30, 2025
IBM Controller 11.0.0, 11.0.1, and 11.1.0 application could allow an authenticated user to obtain... Moderate Unreviewed
CVE-2025-33079 was published May 27, 2025
SAP GUI for Windows allows an unauthenticated attacker to exploit insecure obfuscation algorithms... Moderate Unreviewed
CVE-2025-43005 was published May 13, 2025
On affected platforms running Arista EOS with a gNMI transport enabled, running the gNOI File... Moderate Unreviewed
CVE-2025-0936 was published May 8, 2025
BEC Technologies Multiple Routers Cleartext Password Storage Information Disclosure Vulnerability... Moderate Unreviewed
CVE-2025-2770 was published Apr 23, 2025
An issue in Macro-video Technologies Co.,Ltd V380E6_C1 IP camera (Hw_HsAKPIQp_WF_XHR) 1020302... Low Unreviewed
CVE-2025-25985 was published Apr 18, 2025
IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive... Moderate Unreviewed
CVE-2024-43186 was published Mar 29, 2025
IBM Security QRadar 3.12 EDR stores user credentials in plain text which can be read by a local... Moderate Unreviewed
CVE-2024-45638 was published Mar 14, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.862 Application 20.0.2014... Critical Unreviewed
CVE-2025-27656 was published Mar 5, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923... Critical Unreviewed
CVE-2025-27662 was published Mar 5, 2025
Bosscomm IF740 Firmware versions:11001.7078 & v11001.0000 and System versions: 6.25 & 6.00 were... Moderate Unreviewed
CVE-2025-25727 was published Feb 28, 2025
Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860... High Unreviewed
CVE-2024-41336 was published Feb 27, 2025
A vulnerability exists in the VideONet product included in the listed System 800xA versions,... High Unreviewed
CVE-2024-10334 was published Feb 10, 2025
IBM Common Licensing 9.0 stores user credentials in plain clear text which can be read by a local... Moderate Unreviewed
CVE-2023-50945 was published Jan 26, 2025
After gaining access to the firmware of a charging station, a file at <redacted> can be accessed... High Unreviewed
CVE-2024-43659 was published Jan 9, 2025
Dell VxRail, versions 8.0.000 through 8.0.311, contain(s) a Plaintext Storage of a Password... High Unreviewed
CVE-2025-21111 was published Jan 8, 2025
Dell VxRail, versions 7.0.000 through 7.0.532, contain(s) a Plaintext Storage of a Password... High Unreviewed
CVE-2025-21102 was published Jan 8, 2025
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9  stores user credentials in... Moderate Unreviewed
CVE-2024-52361 was published Dec 18, 2024
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 could allow a privileged user to... Moderate Unreviewed
CVE-2023-50956 was published Dec 18, 2024
Dell VxVerify, versions prior to x.40.405, contain a Plain-text Password Storage Vulnerability in... High Unreviewed
CVE-2024-53292 was published Dec 11, 2024
Certain models of routers from Billion Electric has a Plaintext Storage of a Password... High Unreviewed
CVE-2024-11982 was published Nov 29, 2024
When exporting media types, the password is exported in the YAML in plain text. This appears to... Low Unreviewed
CVE-2024-36464 was published Nov 27, 2024
User passwords are decrypted and stored on memory before any user logged in. Those decrypted... Moderate Unreviewed
CVE-2024-29978 was published Nov 26, 2024
IBM Workload Scheduler 9.5, 10.1, and 10.2 stores user credentials in plain text which can be... Moderate Unreviewed
CVE-2024-49351 was published Nov 26, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database