GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
387 advisories
IBM Engineering Requirements Management DOORS Next 7.0.2, 7.0.3, and 7.1 could allow a remote...
High
Unreviewed
CVE-2024-41771
was published
Mar 3, 2025
IBM Engineering Requirements Management DOORS Next 7.0.2, 7.0.3, and 7.1 could allow a remote...
High
Unreviewed
CVE-2024-41770
was published
Mar 3, 2025
Weintek Weincloud v0.13.6 could allow an attacker to abuse the registration functionality to...
High
Unreviewed
CVE-2023-37362
was published
Jul 20, 2023
Pass-Back vulnerability in versions prior to 2025.35.000 of Sage 200 Spain. This vulnerability...
High
Unreviewed
CVE-2025-1886
was published
Mar 7, 2025
TIANJIE CPE906-3 is vulnerable to password disclosure. This is present on Software Version WEB5...
High
Unreviewed
CVE-2022-47703
was published
Feb 17, 2023
Driver Distributor v2.2.3.1 and earlier contains a vulnerability where passwords are stored in a...
High
Unreviewed
CVE-2022-43460
was published
Feb 13, 2023
HGW BL1500HM Ver 002.001.013 and earlier contains a use of weak credentials issue. A network...
High
Unreviewed
CVE-2024-29071
was published
Mar 25, 2024
The exposure of credentials in the call forwarding configuration module in MeetMe products in...
High
Unreviewed
CVE-2025-2908
was published
Mar 28, 2025
Exposure of password in web-based SSH authentication component in Devolutions Server 2024.3.13...
High
Unreviewed
CVE-2025-2277
was published
Mar 13, 2025
Insufficiently Protected Credentials, Improper Access Control vulnerability in Brivo ACS100,...
High
Unreviewed
CVE-2023-6259
was published
Feb 20, 2024
admin_news.php in Archilles Newsworld up to 1.3.0 allows attackers to bypass authentication by...
High
Unreviewed
CVE-2005-3435
was published
May 1, 2022
In freeradius, the EAP-PWD function compute_password_element() leaks information about the...
High
Unreviewed
CVE-2022-41859
was published
Jan 17, 2023
Insufficiently protected credentials in Azure Local Cluster allows an authorized attacker to...
High
Unreviewed
CVE-2025-26628
was published
Apr 8, 2025
LG Simple Editor getServerSetting Authentication Bypass Vulnerability. This vulnerability allows...
High
Unreviewed
CVE-2023-40510
was published
May 3, 2024
LG Simple Editor checkServer Authentication Bypass Vulnerability. This vulnerability allows...
High
Unreviewed
CVE-2023-40511
was published
May 3, 2024
Some Dahua software products have a vulnerability of unauthenticated request of MQTT credentials....
High
Unreviewed
CVE-2022-45423
was published
Dec 27, 2022
An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is affected by plaintext password...
High
Unreviewed
CVE-2017-6528
was published
May 13, 2022
PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pg_user_mappings view which...
High
Unreviewed
CVE-2017-7486
was published
May 14, 2022
kedpm 0.5 and 1.0 creates a history file in ~/.kedpm/history that is written in cleartext. All of...
High
Unreviewed
CVE-2017-8296
was published
May 13, 2022
register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1 allows remote attackers to...
High
Unreviewed
CVE-2017-9557
was published
May 13, 2022
A design flaw in authentication in Synology Photo Station 6.0-2528 through 6.7.1-3419 allows...
High
Unreviewed
CVE-2017-9552
was published
May 13, 2022
An Insufficiently Protected Credentials issue was discovered in Sierra Wireless AirLink Raven XE,...
High
Unreviewed
CVE-2017-6046
was published
May 13, 2022
PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to...
High
Unreviewed
CVE-2017-7547
was published
May 13, 2022
Sera 1.2 stores the user's login password in plain text in their home directory. This makes...
High
Unreviewed
CVE-2017-15918
was published
May 13, 2022
A credential exposure vulnerability in Electrolink 500W, 1kW, 2kW Medium DAB Transmitter Web v01...
High
Unreviewed
CVE-2025-28228
was published
Apr 21, 2025