Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,177 advisories

Loading
When an attacker manages to get access to the local memory, or the memory dump of a victim, for... Moderate Unreviewed
CVE-2021-38150 was published May 24, 2022
There is an insufficient authentication vulnerability in some Huawei smart phone. An... Low Unreviewed
CVE-2020-9250 was published Dec 20, 2024
In JetBrains TeamCity before 2024.12 password field value were accessible to users with view... Moderate Unreviewed
CVE-2024-56354 was published Dec 20, 2024
IBM Robotic Process Automation 21.0.1, 21.0.2, and 21.0.3 could allow a user with psychical... Moderate Unreviewed
CVE-2022-33954 was published Dec 19, 2024
Missing Authentication for Critical Function vulnerability in OpenText™ AccuRev for LDAP... Critical Unreviewed
CVE-2019-17082 was published Nov 26, 2024
TP-Link TL-WR845N(UN)_V4_201214, TL-WR845N(UN)_V4_200909 and TL-WR845N(UN)_V4_190219 were... High Unreviewed
CVE-2024-50699 was published Dec 10, 2024
STMicroelectronics SPC58 is vulnerable to Missing Protection Mechanism for Alternate Hardware... Critical Unreviewed
CVE-2023-48010 was published Dec 5, 2024
Pentaminds CuroVMS v2.0.1 was discovered to contain exposed credentials. Critical Unreviewed
CVE-2024-40583 was published Dec 9, 2024
TP-Link TL-WR845N(UN)_V4_190219 was discovered to transmit credentials in base64 encoded form,... High Unreviewed
CVE-2024-46341 was published Dec 10, 2024
Claris International has successfully resolved an issue of potentially exposing password... Moderate Unreviewed
CVE-2023-42955 was published May 14, 2024
The front-end audit log allows viewing of unprotected plaintext passwords, where the passwords... High Unreviewed
CVE-2024-36460 was published Aug 12, 2024
A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions <... Moderate Unreviewed
CVE-2024-53832 was published Dec 10, 2024
Username Enumeration vulnerabilities allow access to application level username add, delete,... Critical Unreviewed
CVE-2024-51545 was published Dec 5, 2024
A vulnerability in Veeam Backup & Replication allows users with certain operator roles to expose... High Unreviewed
CVE-2024-42457 was published Dec 4, 2024
On Android, Firefox may have inadvertently allowed viewing saved passwords without the required... Critical Unreviewed
CVE-2024-11703 was published Nov 26, 2024
A security vulnerability in HPE IceWall products could be exploited remotely to cause... Low Unreviewed
CVE-2024-11856 was published Dec 2, 2024
A vulnerability in the storage of proxy server credentials of Cisco Firepower Management Center ... Moderate Unreviewed
CVE-2021-1126 was published May 24, 2022
Seth Fogie, member of the AXIS Camera Station Pro Bug Bounty Program, has found that the Incident... Moderate Unreviewed
CVE-2024-6749 was published Nov 26, 2024
AIPHONE IXG SYSTEM IXG-2C7 firmware Ver.2.03 and earlier and IXG-2C7-L firmware Ver.2.03 and... Moderate Unreviewed
CVE-2024-47142 was published Nov 22, 2024
Insufficiently protected credentials issue exists in AIPHONE IX SYSTEM and IXG SYSTEM. A network... Moderate Unreviewed
CVE-2024-39290 was published Nov 22, 2024
Grafana plugin SDK Information Leakage Critical
CVE-2024-8986 was published for github.com/grafana/grafana-plugin-sdk-go (Go) Sep 19, 2024
A vulnerability in the web-based management interface of Cisco&nbsp;SD-WAN vManage Software could... Moderate Unreviewed
CVE-2021-1232 was published Nov 18, 2024
Openstack cinder Improper handling of ScaleIO backend credentials High
CVE-2020-10755 was published for cinder (pip) May 24, 2022
Apache Superset allowed for database connections password leak for authenticated users High
CVE-2021-41972 was published for apache-superset (pip) May 24, 2022
Ansible password prompts could expose passwords High
CVE-2019-10206 was published for ansible (pip) May 24, 2022
tdunlap607
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database