Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,177 advisories

Loading
In version 0.0.14 of transformeroptimus/superagi, the API endpoint `/api/users/get/{id}` returns... Moderate Unreviewed
CVE-2024-9418 was published Mar 20, 2025
An issue in the storage of NFC card data in Dorset DG 201 Digital Lock H5_433WBSK_v2.2_220605... Critical Unreviewed
CVE-2025-25650 was published Mar 17, 2025
TIANJIE CPE906-3 is vulnerable to password disclosure. This is present on Software Version WEB5... High Unreviewed
CVE-2022-47703 was published Feb 17, 2023
Jenkins allows Administrators to Access API Tokens Moderate
CVE-2015-5323 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022
Jenkins Credentials Binding Plugin Stores Passwords in a Recoverable Format Moderate
CVE-2019-1010241 was published for org.jenkins-ci.plugins:credentials-binding (Maven) May 24, 2022
IBM Common Licensing 9.0 stores user credentials in plain clear text which can be read by a local... Moderate Unreviewed
CVE-2023-50945 was published Jan 26, 2025
IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.3 UI could disclosure... Moderate Unreviewed
CVE-2024-47109 was published Mar 10, 2025
Pass-Back vulnerability in versions prior to 2025.35.000 of Sage 200 Spain. This vulnerability... High Unreviewed
CVE-2025-1886 was published Mar 7, 2025
Cryptographic key extraction from internal flash in Minut M2 with firmware version #15142 allows... Moderate Unreviewed
CVE-2024-44754 was published Feb 28, 2025
A vulnerability in Veeam ONE allows an unprivileged user who has access to the Veeam ONE Web... Moderate Unreviewed
CVE-2023-38548 was published Nov 14, 2023
Weintek Weincloud v0.13.6 could allow an attacker to abuse the registration functionality to... High Unreviewed
CVE-2023-37362 was published Jul 20, 2023
Insufficiently Protected Credentials vulnerability in OpenText Identity Manager Advanced Edition... Critical Unreviewed
CVE-2024-12799 was published Mar 5, 2025
IBM Engineering Requirements Management DOORS Next 7.0.2, 7.0.3, and 7.1 could allow a remote... High Unreviewed
CVE-2024-41770 was published Mar 3, 2025
IBM Engineering Requirements Management DOORS Next 7.0.2, 7.0.3, and 7.1 could allow a remote... High Unreviewed
CVE-2024-41771 was published Mar 3, 2025
Vue Vben Admin 2.10.1 allows unauthorized login to the backend due to an issue with hardcoded... Critical Unreviewed
CVE-2025-25570 was published Feb 28, 2025
Credentials Disclosure vulnerabilities allow access to on board project back-up bundles. ... High Unreviewed
CVE-2024-51546 was published Dec 5, 2024
A Credential Disclosure vulnerability exists where an administrator could extract the stored SMTP... Low Unreviewed
CVE-2025-0760 was published Feb 26, 2025
Leantime has Insufficiently Protected Credentials Moderate
GHSA-h6w8-27ph-c385 was published for leantime/leantime (Composer) Feb 21, 2025
ANIKETishereok s0calledhacker
The product transmits or stores authentication credentials, but it uses an insecure method that... Moderate Unreviewed
CVE-2024-37362 was published Feb 20, 2025
The standard user uses the run as function to start the MEAC applications with administrative... Critical Unreviewed
CVE-2025-0867 was published Feb 14, 2025
Apache Solr can leak certain passwords due to System Property redaction logic inconsistencies High
CVE-2023-50291 was published for org.apache.solr:solr-core (Maven) Feb 9, 2024
Aten PE8108 2.4.232 is vulnerable to Incorrect Access Control. The device allows unauthenticated... High Unreviewed
CVE-2023-25413 was published Apr 11, 2023
Aten PE8108 2.4.232 is vulnerable to Incorrect Access Control. Restricted users have read access... High Unreviewed
CVE-2023-25407 was published Apr 11, 2023
In JetBrains TeamCity before 2024.12.2 improper Kubernetes connection settings could expose... High Unreviewed
CVE-2025-26492 was published Feb 11, 2025
Insufficiently protected credentials (CWE-522) for third party DVR integrations to the Command... Critical Unreviewed
CVE-2024-21815 was published Mar 5, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database