Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

45 advisories

Loading
Flock Safety LPR (License Plate Reader) devices with firmware through 2.2 have cleartext storage... Low Unreviewed
CVE-2025-47824 was published Jun 27, 2025
Flock Safety Gunshot Detection devices before 1.3 have cleartext storage of code. Low Unreviewed
CVE-2025-47820 was published Jun 27, 2025
A vulnerability classified as problematic has been found in Bharti Airtel Thanks App 4.105.4 on... Low Unreviewed
CVE-2025-6748 was published Jun 27, 2025
Successful exploitation of the vulnerability could allow an attacker to intercept data and... Low Unreviewed
CVE-2025-48463 was published Jun 26, 2025
Jenkins BigPanda Notifier Plugin Missing Password Field Masking Low
CVE-2022-41248 was published for org.jenkins-ci.plugins:bigpanda-jenkins (Maven) Sep 22, 2022
NotMyFault
A vulnerability was found in yangzongzhuan RuoYi-Vue up to 3.8.9 and classified as problematic.... Low Unreviewed
CVE-2025-4537 was published May 11, 2025
Logins saved by Firefox should be managed by the Password Manager component which uses encryption... Low Unreviewed
CVE-2022-42931 was published Dec 22, 2022
Application Access Server (A-A-S) 2.0.48 stores (1) passwords and (2) the port keyword in... Low Unreviewed
CVE-2009-1466 was published May 2, 2022
A vulnerability was found in Thinkware Car Dashcam F800 Pro up to 20250226. It has been rated as... Low Unreviewed
CVE-2025-2120 was published Mar 9, 2025
NewPass before 1.2.0 stores passwords (rather than password hashes) directly, which makes it... Low Unreviewed
CVE-2024-39846 was published Jun 29, 2024
Hathway Skyworth Router CM5100-511 v4.1.1.24 was discovered to store sensitive information about... Low Unreviewed
CVE-2024-46383 was published Nov 15, 2024
Moodle has user information visibility control issues in gradebook reports Low
CVE-2024-43429 was published for moodle/moodle (Composer) Nov 11, 2024
The OpenAI ChatGPT app before 2024-07-05 for macOS opts out of the sandbox, and stores... Low Unreviewed
CVE-2024-40594 was published Jul 6, 2024
An issue was discovered in Teledyne FLIR M300 2.00-19. User account passwords are encrypted... Low Unreviewed
CVE-2023-46294 was published May 1, 2024
matrix-synapse vulnerable to temporary storage of plaintext passwords during password changes Low
CVE-2023-41335 was published for matrix-synapse (pip) Sep 26, 2023
The W3 Total Cache plugin for WordPress is vulnerable to Sensitive Information Exposure in... Low Unreviewed
CVE-2023-5359 was published Sep 25, 2024
IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information... Low Unreviewed
CVE-2023-37396 was published Apr 19, 2024
Apache Airflow logs passwords in plaintext Low
CVE-2020-17511 was published for apache-airflow (pip) Dec 17, 2020
A vulnerability exists in the FOXMAN-UN/UNEM in which sensitive information is stored in... Low Unreviewed
CVE-2024-28024 was published Jun 11, 2024
Password confirmation stored in plain text via registration form in statamic/cms Low
CVE-2024-36119 was published for statamic/cms (Composer) Jun 2, 2024
A vulnerability classified as problematic was found in Netgear DG834Gv5 1.6.01.34. This... Low Unreviewed
CVE-2024-4235 was published Apr 26, 2024
An information disclosure issue in GitLab EE affecting all versions from 16.2 prior to 16.2.5,... Low Unreviewed
CVE-2023-3950 was published Sep 1, 2023
A clear text storage of sensitive information (CWE-312) vulnerability in both FortiGate version 6... Low Unreviewed
CVE-2022-22302 was published Jul 11, 2023
phpMyAdmin before 2.11.5.1 stores the MySQL (1) username and (2) password, and the (3) Blowfish... Low Unreviewed
CVE-2008-1567 was published May 1, 2022
Capturix ScanShare 1.06 build 50 stores sensitive information such as the password in cleartext... Low Unreviewed
CVE-2005-2209 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database