GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,889
Composer 4,870
Erlang 37
GitHub Actions 36
Go 2,500
Maven 5,942
npm 4,147
NuGet 735
pip 3,948
Pub 12
RubyGems 945
Rust 1,025
Swift 39

Unreviewed advisories

All unreviewed 269,561

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

640 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Jenkins reveals encrypted values of secrets stored in agent configuration to users with Agent/Extended Read permission Moderate

CVE-2025-27622 was published for org.jenkins-ci.main:jenkins-core (Maven) Mar 6, 2025

Jenkins reveals encrypted values of secrets stored in agent configuration to users with Agent/Extended Read permission Moderate

CVE-2025-27623 was published for org.jenkins-ci.main:jenkins-core (Maven) Mar 6, 2025

A vulnerability was found in Thinkware Car Dashcam F800 Pro up to 20250226. It has been rated as... Low Unreviewed

CVE-2025-2120 was published Mar 9, 2025

Cleartext Storage of Sensitive Information in an Environment Variable, Weak Password Recovery... High Unreviewed

CVE-2024-12604 was published Mar 10, 2025

This vulnerability exists in the Tinxy smart devices due to storage of credentials in plaintext... Moderate Unreviewed

CVE-2025-2189 was published Mar 11, 2025

A local user may find a configuration file on the client workstation with unencrypted sensitive... High Unreviewed

CVE-2024-23942 was published Mar 18, 2025

An issue in KukuFM Android v1.12.7 (11207) allows attackers to access sensitive cleartext data... High Unreviewed

CVE-2025-25758 was published Mar 20, 2025

The lack of encryption in the DuoxMe (formerly Blue) application binary in versions prior to 3.3... Moderate Unreviewed

CVE-2025-2909 was published Mar 28, 2025

Valmet DNA user passwords in plain text. This practice poses a security risk as attackers who... Moderate Unreviewed

CVE-2025-0418 was published Apr 1, 2025

Jenkins monitor-remote-job Plugin Stores Passwords Unencrypted Moderate

CVE-2025-31725 was published for org.ukiuni.monitor-remote-job-plugin:monitor-remote-job (Maven) Apr 2, 2025

Jenkins Cadence vManager Plugin Stores Verisium Manager vAPI keys Unencrypted Moderate

CVE-2025-31724 was published for org.jenkins-ci.plugins:vmanager-plugin (Maven) Apr 2, 2025

Jenkins AsakusaSatellite Plugin Stores API Keys Unencrypted in Job `config.xml` Files Moderate

CVE-2025-31727 was published for org.codefirst.jenkins.asakusasatellite:asakusa-satellite-plugin (Maven) Apr 2, 2025

Jenkins Stack Hammer Plugin Stores API Keys Unencrypted in Job `config.xml` Files Moderate

CVE-2025-31726 was published for org.jenkins-ci.plugins:stackhammer (Maven) Apr 2, 2025

This vulnerability exists in TP-Link Tapo H200 V1 IoT Smart Hub due to storage of Wi-Fi... Moderate Unreviewed

CVE-2025-3442 was published Apr 9, 2025

A vulnerability in the Palo Alto Networks PAN-OS® software enables unlicensed administrators to... Moderate Unreviewed

CVE-2025-0123 was published Apr 11, 2025

BEC Technologies Multiple Routers Cleartext Password Storage Information Disclosure Vulnerability... Moderate Unreviewed

CVE-2025-2770 was published Apr 23, 2025

A vulnerability in the “Backup & Restore” functionality of the web application of ctrlX OS allows... Moderate Unreviewed

CVE-2025-27532 was published Apr 30, 2025

Incorrect Permission Assignment for Critical Resource, Cleartext Storage of Sensitive Information... High Unreviewed

CVE-2025-3395 was published Apr 30, 2025

Cleartext transmission of sensitive information in the web management portal of the Tenda RX2 Pro... High Unreviewed

CVE-2025-46633 was published May 2, 2025

Cleartext transmission of sensitive information in the web management portal of the Tenda RX2 Pro... High Unreviewed

CVE-2025-46634 was published May 2, 2025

A vulnerability was found in yangzongzhuan RuoYi-Vue up to 3.8.9 and classified as problematic.... Low Unreviewed

CVE-2025-4537 was published May 11, 2025

Insufficient encryption vulnerability in the mobile application (com.transsion.aivoiceassistant)... Moderate Unreviewed

CVE-2025-4737 was published May 15, 2025

The local iLabClient database in itech iLabClient 3.7.1 allows local attackers to read cleartext... Moderate Unreviewed

CVE-2024-56428 was published May 21, 2025

A vulnerability, which was classified as problematic, was found in PhonePe App 25.03.21.0 on... Moderate Unreviewed

CVE-2025-5154 was published May 25, 2025

The data stored in Be-Tech Mifare Classic card is stored in cleartext. An attacker having access... Moderate Unreviewed

CVE-2025-4053 was published May 26, 2025

Previous 1…24…26 Next

Previous 1 2 … 22 23 24 25 26 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

640 advisories