Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,144
NuGet
735
pip
3,947
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

640 advisories

Loading
A vulnerability has been identified in POWER METER SICAM Q100 (7KG9501-0AA01-0AA1) (All versions ... Moderate Unreviewed
CVE-2025-40752 was published Aug 12, 2025
IBM Security Guardium Data Encryption (GDE) 3.0.0.2 stores sensitive information in URL... Moderate Unreviewed
CVE-2019-4687 was published May 24, 2022
This vulnerability exists in ZKTeco WL20 due to storage of Wi-Fi credentials, configuration data... Moderate Unreviewed
CVE-2025-55280 was published Aug 13, 2025
This vulnerability exists in ZKTeco WL20 due to storage of admin and user credentials without... High Unreviewed
CVE-2025-54464 was published Aug 13, 2025
A problem with the implementation of the MACsec protocol in Palo Alto Networks PAN-OS® results in... Moderate Unreviewed
CVE-2025-2182 was published Aug 13, 2025
A sensitive information disclosure vulnerability in Palo Alto Networks Checkov by Prisma® Cloud... Moderate Unreviewed
CVE-2025-2181 was published Aug 13, 2025
BEC Technologies Multiple Routers Cleartext Password Storage Information Disclosure Vulnerability... Moderate Unreviewed
CVE-2025-2770 was published Apr 23, 2025
A local user may find a configuration file on the client workstation with unencrypted sensitive... High Unreviewed
CVE-2024-23942 was published Mar 18, 2025
The Eaton Foreseer software provides the feasibility for the user to configure external servers... Moderate Unreviewed
CVE-2024-31415 was published Sep 13, 2024
Telpo MDM 1.4.6 thru 1.4.9 for Android contains sensitive administrator credentials and MQTT... Critical Unreviewed
CVE-2025-55443 was published Aug 26, 2025
Rancher Fleet Helm Values are stored inside BundleDeployment in plain text High
CVE-2024-52284 was published for github.com/rancher/fleet (Go) Aug 29, 2025
Local Deep Research's API keys are stored in plain text Moderate
CVE-2025-57806 was published for local-deep-research (pip) Sep 2, 2025
i-d-lytvynenko
Credentials are not cleared from memory after being used. A user with Administrator permissions... Moderate Unreviewed
CVE-2024-24915 was published Jun 29, 2025
Obsidian GitHub Copilot Plugin versions prior to 1.1.7 store Github API token in cleartext form.... Moderate Unreviewed
CVE-2025-58401 was published Sep 5, 2025
Jenkins Applitools Eyes Plugin vulnerability exposes unencrypted keys to certain authenticated users Moderate
CVE-2025-53742 was published for org.jenkins-ci.plugins:applitools-eyes (Maven) Jul 9, 2025
sevvalboylu
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database