Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

640 advisories

Loading
A vulnerability in the “Backup & Restore” functionality of the web application of ctrlX OS allows... Moderate Unreviewed
CVE-2025-27532 was published Apr 30, 2025
Incorrect Permission Assignment for Critical Resource, Cleartext Storage of Sensitive Information... High Unreviewed
CVE-2025-3395 was published Apr 30, 2025
SQL injection vulnerability in Jfinalcms v.5.0.0 allows a remote attacker to obtain sensitive... High Unreviewed
CVE-2024-24375 was published Mar 7, 2024
Cleartext transmission of sensitive information in the web management portal of the Tenda RX2 Pro... High Unreviewed
CVE-2025-46634 was published May 2, 2025
Cleartext transmission of sensitive information in the web management portal of the Tenda RX2 Pro... High Unreviewed
CVE-2025-46633 was published May 2, 2025
A vulnerability was found in yangzongzhuan RuoYi-Vue up to 3.8.9 and classified as problematic.... Low Unreviewed
CVE-2025-4537 was published May 11, 2025
Liferay Portal and Liferay DXP Stores User Passwords in Cleartext Moderate
CVE-2021-33325 was published for com.liferay.portal:release.dxp.bom (Maven) May 24, 2022
Insufficient encryption vulnerability in the mobile application (com.transsion.aivoiceassistant)... Moderate Unreviewed
CVE-2025-4737 was published May 15, 2025
The local iLabClient database in itech iLabClient 3.7.1 allows local attackers to read cleartext... Moderate Unreviewed
CVE-2024-56428 was published May 21, 2025
Medtronic CareLink 2090 Programmer CareLink 9790 Programmer 29901 Encore Programmer, all versions... Moderate Unreviewed
CVE-2018-18984 was published May 13, 2022
A cleartext storage of sensitive information exists in Rocket.Chat <v4.6.4 due to Oauth token... Moderate Unreviewed
CVE-2022-32217 was published Sep 25, 2022
Use of Hard-coded Credentials vulnerability in ABB ASPECT-Enterprise, ABB NEXUS Series, ABB... Critical Unreviewed
CVE-2024-51547 was published Feb 6, 2025
Tokens stored in plain text by PaaSLane Estimate Plugin Moderate
CVE-2023-50777 was published for com.cloudtp.jenkins:paaslane-estimate (Maven) Dec 13, 2023
A vulnerability, which was classified as problematic, was found in PhonePe App 25.03.21.0 on... Moderate Unreviewed
CVE-2025-5154 was published May 25, 2025
The data stored in Be-Tech Mifare Classic card is stored in cleartext. An attacker having access... Moderate Unreviewed
CVE-2025-4053 was published May 26, 2025
Jenkins BigPanda Notifier Plugin Missing Password Field Masking Low
CVE-2022-41248 was published for org.jenkins-ci.plugins:bigpanda-jenkins (Maven) Sep 22, 2022
NotMyFault
Mautic does not shield .env files from web traffic Moderate
CVE-2024-47056 was published for mautic/core (Composer) May 28, 2025
r3ky lenonleite
nick-vanpraet patrykgruszka
Dell ThinOS 2502 and prior contain a Cleartext Storage of Sensitive Information vulnerability. A... Moderate Unreviewed
CVE-2025-32752 was published May 29, 2025
An issue was discovered in the A4N (Aremis 4 Nomad) application 1.5.0 for Android. It uses a... Moderate Unreviewed
CVE-2022-34910 was published Feb 27, 2023
Tinxy WiFi Lock Controller v1 RF was discovered to store users' sensitive information, including... High Unreviewed
CVE-2025-44614 was published May 30, 2025
IBM InfoSphere Information Server 11.7 stores credential information for database authentication... Moderate Unreviewed
CVE-2025-1499 was published Jun 1, 2025
IBM Security Access Manager Container 10.0.0.0 through 10.0.6.1 temporarily stores sensitive... Moderate Unreviewed
CVE-2023-31002 was published Feb 7, 2024
Successful exploitation of the vulnerability could allow an attacker to intercept data and... Low Unreviewed
CVE-2025-48463 was published Jun 26, 2025
A local, low-privileged attacker can learn the password of the connected controller in PLC... Moderate Unreviewed
CVE-2025-41647 was published Jun 26, 2025
Flock Safety LPR (License Plate Reader) devices with firmware through 2.2 have cleartext storage... Low Unreviewed
CVE-2025-47824 was published Jun 27, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database