Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,177 advisories

Loading
An attacker can decrypt the Ovarro TBox login password by communication capture and brute force... Critical Unreviewed
CVE-2021-22640 was published Jul 29, 2022
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.862 Application 20.0.2014... Critical Unreviewed
CVE-2025-27650 was published Mar 5, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.913 Application 20.0.2253... Critical Unreviewed
CVE-2025-27648 was published Mar 5, 2025
Insufficiently Protected Credentials vulnerability in SicommNet BASEC on SaaS allows Password... Critical Unreviewed
CVE-2025-22372 was published Apr 14, 2025
Some Dahua software products have a vulnerability of unauthenticated request of MQTT credentials.... High Unreviewed
CVE-2022-45423 was published Dec 27, 2022
Some Dahua software products have a vulnerability of unauthenticated request of AES crypto key.... Moderate Unreviewed
CVE-2022-45424 was published Dec 27, 2022
Certain HP Access Controller, Fabric Module, Firewall, Router, Switch, and UTM Appliance products... Low Unreviewed
CVE-2012-3268 was published May 13, 2022
LG Simple Editor getServerSetting Authentication Bypass Vulnerability. This vulnerability allows... High Unreviewed
CVE-2023-40510 was published May 3, 2024
LG Simple Editor checkServer Authentication Bypass Vulnerability. This vulnerability allows... High Unreviewed
CVE-2023-40511 was published May 3, 2024
Adobe Commerce versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are... Low Unreviewed
CVE-2025-27192 was published Apr 8, 2025
Insufficiently protected credentials in Azure Local Cluster allows an authorized attacker to... High Unreviewed
CVE-2025-26628 was published Apr 8, 2025
In freeradius, the EAP-PWD function compute_password_element() leaks information about the... High Unreviewed
CVE-2022-41859 was published Jan 17, 2023
admin_news.php in Archilles Newsworld up to 1.3.0 allows attackers to bypass authentication by... High Unreviewed
CVE-2005-3435 was published May 1, 2022
Insufficiently Protected Credentials in the AD/LDAP server settings in 1C-Bitrix Bitrix24 through... Moderate Unreviewed
CVE-2022-43959 was published Jan 20, 2023
Insufficiently Protected Credentials, : Improper Access Control vulnerability in Brivo ACS100,... High Unreviewed
CVE-2023-6259 was published Feb 20, 2024
An access control issue in Revenue Collection System v1.0 allows unauthenticated attackers to... Critical Unreviewed
CVE-2022-46967 was published Jan 27, 2023
An issue was discovered in the C AMQP client library (aka rabbitmq-c) through 0.13.0 for RabbitMQ... Moderate Unreviewed
CVE-2023-35789 was published Jun 16, 2023
Exposure of password in web-based SSH authentication component in Devolutions Server 2024.3.13... High Unreviewed
CVE-2025-2277 was published Mar 13, 2025
The exposure of credentials in the call forwarding configuration module in MeetMe products in... High Unreviewed
CVE-2025-2908 was published Mar 28, 2025
HGW BL1500HM Ver 002.001.013 and earlier contains a use of week credentials issue. A network... High Unreviewed
CVE-2024-29071 was published Mar 25, 2024
COMFAST (Shenzhen Sihai Zhonglian Network Technology Co., Ltd) CF-WR623N Router firmware V2.3.0.1... Critical Unreviewed
CVE-2022-47697 was published Jan 31, 2023
Driver Distributor v2.2.3.1 and earlier contains a vulnerability where passwords are stored in a... High Unreviewed
CVE-2022-43460 was published Feb 13, 2023
Jenkins Zoho QEngine Plugin Displays Unmasked API Keys Low
CVE-2025-30197 was published for io.jenkins.plugins:zohoqengine (Maven) Mar 19, 2025
This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sonoma... Moderate Unreviewed
CVE-2024-54471 was published Dec 12, 2024
The Hawk Console component of TIBCO Software Inc.'s TIBCO Hawk and TIBCO Operational Intelligence... Moderate Unreviewed
CVE-2022-41564 was published Feb 14, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database