GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,177 advisories
The Group Policy implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2...
High
Unreviewed
CVE-2014-1812
was published
May 14, 2022
Use of reversible password encryption algorithm allows attackers to decrypt passwords. Sensitive...
Moderate
Unreviewed
CVE-2024-3543
was published
May 2, 2024
Eclipse Dataspace Components vulnerable to OAuth2 client secret disclosure
Moderate
CVE-2024-4536
was published
for
org.eclipse.edc:connector-core
(Maven)
May 7, 2024
The Forminator plugin for WordPress is vulnerable to Sensitive Information Exposure in all...
High
Unreviewed
CVE-2024-7389
was published
Aug 2, 2024
GRAU DATA Blocky before 3.1 stores passwords encrypted rather than hashed. At the login screen,...
Moderate
Unreviewed
CVE-2024-42012
was published
Jan 22, 2025
Kaseya VSA before 9.5.7 allows credential disclosure, as exploited in the wild in July 2021.
Critical
Unreviewed
CVE-2021-30116
was published
May 24, 2022
An issue was discovered in EyesOfNetwork 5.3. The installation uses the same API key (hardcoded...
Moderate
Unreviewed
CVE-2020-8657
was published
May 24, 2022
Dell VxVerify, versions prior to x.40.405, contain a Plain-text Password Storage Vulnerability in...
High
Unreviewed
CVE-2024-53292
was published
Dec 11, 2024
Dell OpenManage Enterprise, versions 4.0.0 and 4.0.1, contains a sensitive information disclosure...
Moderate
Unreviewed
CVE-2024-28961
was published
Apr 29, 2024
An HPE OneView appliance dump may expose OneView user accounts
Moderate
Unreviewed
CVE-2023-28087
was published
Apr 25, 2023
An HPE OneView appliance dump may expose proxy credential settings
Moderate
Unreviewed
CVE-2023-28086
was published
Apr 25, 2023
Password Vulnerability in Safety production process management system v1.0 allows a remote...
Critical
Unreviewed
CVE-2024-57395
was published
Jan 30, 2025
The /WmAdmin/,/invoke/vm.server/login login page in the Integration Server in Software AG...
High
Unreviewed
CVE-2024-23733
was published
Jan 30, 2025
A data exposure vulnerability exists in all versions prior to V15.00.001 of Rockwell Automation...
High
Unreviewed
CVE-2025-0498
was published
Jan 30, 2025
A data exposure vulnerability exists in all versions prior to V15.00.001 of Rockwell Automation...
High
Unreviewed
CVE-2025-0497
was published
Jan 30, 2025
An encryption vulnerability exists in all versions prior to V15.00.001 of Rockwell Automation...
Critical
Unreviewed
CVE-2025-0477
was published
Jan 30, 2025
Dell Update Manager Plugin, versions 1.4.0 through 1.5.0, contains a Plain-text Password Storage...
Low
Unreviewed
CVE-2024-28971
was published
May 8, 2024
Dell VxRail, versions 8.0.000 through 8.0.311, contain(s) a Plaintext Storage of a Password...
High
Unreviewed
CVE-2025-21111
was published
Jan 8, 2025
Dell VxRail, versions 7.0.000 through 7.0.532, contain(s) a Plaintext Storage of a Password...
High
Unreviewed
CVE-2025-21102
was published
Jan 8, 2025
Jenkins Azure VM Agents Plugin missing permission checks
Moderate
CVE-2023-32988
was published
for
org.jenkins-ci.plugins:azure-vm-agents
(Maven)
May 16, 2023
Unsafe password recovery from configuration in M-Files Server before 25.1 allows a highly...
Moderate
Unreviewed
CVE-2025-0619
was published
Jan 23, 2025
Affected devices store the CLI user passwords encrypted in flash memory. Attackers with physical...
Moderate
Unreviewed
CVE-2022-46142
was published
Dec 13, 2022
An NTLM hash leak in Venki Supravizio BPM up to 18.0.1 allows authenticated attackers with...
High
Unreviewed
CVE-2024-46480
was published
Jan 13, 2025
After downloading a Windows .scf script from the local filesystem, an attacker could...
High
Unreviewed
CVE-2023-25740
was published
Jun 2, 2023
IBM Cognos Command Center 10.2.4.1 and 10.2.5 could disclose highly sensitive user information to...
Moderate
Unreviewed
CVE-2024-31899
was published
Sep 26, 2024