Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

14 advisories

Loading
IBM MQ LTS 9.1.0.0 through 9.1.0.29, 9.2.0.0 through 9.2.0.36, 9.3.0.0 through 9.3.0.30 and 9.4.0... Moderate Unreviewed
CVE-2025-36100 was published Sep 7, 2025
EzGED3 3.5.0 stores user passwords using an insecure hashing scheme: md5(md5(password)). This... Moderate Unreviewed
CVE-2025-51540 was published Aug 19, 2025
Standard Windows users can access the configuration file for database access of the BRAIN2... Critical Unreviewed
CVE-2025-6513 was published Jun 23, 2025
IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0... Critical Unreviewed
CVE-2025-25022 was published Jun 3, 2025
An authenticated user can disclose the cleartext password of a configured SMTP server via an HTTP... Moderate Unreviewed
CVE-2025-48046 was published May 29, 2025
IBM Sterling Partner Engagement Manager 6.1.0, 6.2.0, 6.2.2 JWT secret is stored in public Helm... High Unreviewed
CVE-2025-33093 was published May 7, 2025
The Docker image from acme.sh before 40b6db6 is based on a .github/workflows/dockerhub.yml file... High Unreviewed
CVE-2025-32111 was published Apr 4, 2025
IBM Security Verify Bridge Directory Sync 1.0.1 through 1.0.12, IBM Security Verify Gateway for... Moderate Unreviewed
CVE-2024-45673 was published Feb 21, 2025
IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 stores user credentials... Moderate Unreviewed
CVE-2024-49817 was published Dec 17, 2024
Tomcat application credentials are hardcoded in SonicWall GMS and Analytics configuration file.... Critical Unreviewed
CVE-2023-34128 was published Jul 13, 2023
A vulnerability classified as problematic has been found in TOTOLINK N200RE 9.3.5u.6255_B20211224... Low Unreviewed
CVE-2023-2790 was published May 18, 2023
Password in config file in KIE server Critical
CVE-2016-7043 was published for org.kie.server:kie-server-common (Maven) May 24, 2022
A Password in Configuration File issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0... High Unreviewed
CVE-2017-7923 was published May 17, 2022
A Password in Configuration File issue was discovered in Dahua DH-IPC-HDBW23A0RN-ZS, DH-IPC... Critical Unreviewed
CVE-2017-7925 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database