Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

378 advisories

Loading
Dell ThinOS 2502 and prior contain a Cleartext Storage of Sensitive Information vulnerability. A... Moderate Unreviewed
CVE-2025-32752 was published May 29, 2025
Mautic does not shield .env files from web traffic Moderate
CVE-2024-47056 was published for mautic/core (Composer) May 28, 2025
r3ky lenonleite
nick-vanpraet patrykgruszka
The data stored in Be-Tech Mifare Classic card is stored in cleartext. An attacker having access... Moderate Unreviewed
CVE-2025-4053 was published May 26, 2025
A vulnerability, which was classified as problematic, was found in PhonePe App 25.03.21.0 on... Moderate Unreviewed
CVE-2025-5154 was published May 25, 2025
The local iLabClient database in itech iLabClient 3.7.1 allows local attackers to read cleartext... Moderate Unreviewed
CVE-2024-56428 was published May 21, 2025
Insufficient encryption vulnerability in the mobile application (com.transsion.aivoiceassistant)... Moderate Unreviewed
CVE-2025-4737 was published May 15, 2025
A vulnerability in the “Backup & Restore” functionality of the web application of ctrlX OS allows... Moderate Unreviewed
CVE-2025-27532 was published Apr 30, 2025
BEC Technologies Multiple Routers Cleartext Password Storage Information Disclosure Vulnerability... Moderate Unreviewed
CVE-2025-2770 was published Apr 23, 2025
A vulnerability in the Palo Alto Networks PAN-OS® software enables unlicensed administrators to... Moderate Unreviewed
CVE-2025-0123 was published Apr 11, 2025
This vulnerability exists in TP-Link Tapo H200 V1 IoT Smart Hub due to storage of Wi-Fi... Moderate Unreviewed
CVE-2025-3442 was published Apr 9, 2025
Jenkins AsakusaSatellite Plugin Stores API Keys Unencrypted in Job `config.xml` Files Moderate
CVE-2025-31727 was published for org.codefirst.jenkins.asakusasatellite:asakusa-satellite-plugin (Maven) Apr 2, 2025
Jenkins Stack Hammer Plugin Stores API Keys Unencrypted in Job `config.xml` Files Moderate
CVE-2025-31726 was published for org.jenkins-ci.plugins:stackhammer (Maven) Apr 2, 2025
Jenkins monitor-remote-job Plugin Stores Passwords Unencrypted Moderate
CVE-2025-31725 was published for org.ukiuni.monitor-remote-job-plugin:monitor-remote-job (Maven) Apr 2, 2025
Jenkins Cadence vManager Plugin Stores Verisium Manager vAPI keys Unencrypted Moderate
CVE-2025-31724 was published for org.jenkins-ci.plugins:vmanager-plugin (Maven) Apr 2, 2025
Valmet DNA user passwords in plain text. This practice poses a security risk as attackers who... Moderate Unreviewed
CVE-2025-0418 was published Apr 1, 2025
The lack of encryption in the DuoxMe (formerly Blue) application binary in versions prior to 3.3... Moderate Unreviewed
CVE-2025-2909 was published Mar 28, 2025
This vulnerability exists in the Tinxy smart devices due to storage of credentials in plaintext... Moderate Unreviewed
CVE-2025-2189 was published Mar 11, 2025
Jenkins reveals encrypted values of secrets stored in agent configuration to users with Agent/Extended Read permission Moderate
CVE-2025-27622 was published for org.jenkins-ci.main:jenkins-core (Maven) Mar 6, 2025
Jenkins reveals encrypted values of secrets stored in agent configuration to users with Agent/Extended Read permission Moderate
CVE-2025-27623 was published for org.jenkins-ci.main:jenkins-core (Maven) Mar 6, 2025
CalInvocationHandler in Brocade SANnav before 2.3.1b logs sensitive information in clear text.... Moderate Unreviewed
CVE-2024-10404 was published Feb 14, 2025
Cleartext storage of information in Ivanti Connect Secure before version 22.7R2.6 and Ivanti... Moderate Unreviewed
CVE-2024-13843 was published Feb 11, 2025
A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions), SIPROTEC 5 6MD85 ... Moderate Unreviewed
CVE-2024-53651 was published Feb 11, 2025
Sensitive data could be exposed to non- privileged users in a configuration file. Local access... Moderate Unreviewed
CVE-2024-45718 was published Feb 11, 2025
IBM ApplinX 11.1 stores sensitive information in cleartext in memory that could be obtained by an... Moderate Unreviewed
CVE-2024-49800 was published Feb 6, 2025
Jenkins Zoom Plugin Stores Sensitive Information in Cleartext Moderate
CVE-2025-0142 was published for io.jenkins.plugins:zoom (Maven) Jan 30, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database