GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,835
Composer 4,870
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,926
npm 4,126
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,021
Swift 39

Unreviewed advisories

All unreviewed 269,151

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

537 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Obsidian GitHub Copilot Plugin versions prior to 1.1.7 store Github API token in cleartext form.... Moderate Unreviewed

CVE-2025-58401 was published Sep 5, 2025

Telpo MDM 1.4.6 thru 1.4.9 for Android contains sensitive administrator credentials and MQTT... Critical Unreviewed

CVE-2025-55443 was published Aug 26, 2025

A sensitive information disclosure vulnerability in Palo Alto Networks Checkov by Prisma® Cloud... Moderate Unreviewed

CVE-2025-2181 was published Aug 13, 2025

A problem with the implementation of the MACsec protocol in Palo Alto Networks PAN-OS® results in... Moderate Unreviewed

CVE-2025-2182 was published Aug 13, 2025

This vulnerability exists in ZKTeco WL20 due to storage of Wi-Fi credentials, configuration data... Moderate Unreviewed

CVE-2025-55280 was published Aug 13, 2025

This vulnerability exists in ZKTeco WL20 due to storage of admin and user credentials without... High Unreviewed

CVE-2025-54464 was published Aug 13, 2025

A vulnerability has been identified in POWER METER SICAM Q100 (7KG9501-0AA01-0AA1) (All versions ... Moderate Unreviewed

CVE-2025-40752 was published Aug 12, 2025

A vulnerability has been identified in POWER METER SICAM Q100 (7KG9501-0AA01-0AA1) (All versions ... Moderate Unreviewed

CVE-2025-40753 was published Aug 12, 2025

Insecure Data Storage of credentials has been found in /api_vedo/configuration/config.yml file in... High Unreviewed

CVE-2025-51055 was published Aug 6, 2025

A vulnerability classified as problematic has been found in Exrick xboot up to 3.3.4. Affected is... Moderate Unreviewed

CVE-2025-8528 was published Aug 5, 2025

A flaw was found in Ansible Automation Platform (AAP) where the Gateway API returns the client... Moderate Unreviewed

CVE-2025-7738 was published Jul 31, 2025

In JetBrains TeamCity before 2025.07 user credentials were stored in plain text in memory snapshots Moderate Unreviewed

CVE-2025-54537 was published Jul 28, 2025

In JetBrains TeamCity before 2025.07 password exposure was possible via command line in the "hg... Moderate Unreviewed

CVE-2025-54538 was published Jul 28, 2025

An issue was discovered on Marbella KR8s Dashcam FF 2.0.8 devices. When a new SD card is inserted... Critical Unreviewed

CVE-2025-30124 was published Jul 28, 2025

Medtronic MyCareLink Patient Monitor uses an unencrypted filesystem on internal storage, which... Moderate Unreviewed

CVE-2025-4394 was published Jul 25, 2025

In the configuration file of racoon in the TRENDnet TEW-WLC100P 2.03b03, the first item of... High Unreviewed

CVE-2025-44649 was published Jul 21, 2025

Unencrypted storage in the database in Two App Studio Journey v5.5.9 for iOS allows local... Moderate Unreviewed

CVE-2025-41458 was published Jul 21, 2025

A vulnerability in the ascgshell, of Brocade ASCG before 3.3.0 stores any command executed in... Moderate Unreviewed

CVE-2025-7397 was published Jul 18, 2025

This vulnerability exists in Digisol DG-GR6821AC Router due to use of default admin credentials... Moderate Unreviewed

CVE-2025-53758 was published Jul 16, 2025

This vulnerability exists in Digisol DG-GR6821AC Router due to storage of credentials and PINS... Moderate Unreviewed

CVE-2025-53755 was published Jul 16, 2025

The hard drives of the device are not encrypted using a full volume encryption feature such as... High Unreviewed

CVE-2025-27460 was published Jul 3, 2025

Credentials are not cleared from memory after being used. A user with Administrator permissions... Moderate Unreviewed

CVE-2024-24915 was published Jun 29, 2025

The MIB3 unit stores the synchronized phone contact book in clear-text, allowing an attacker with... Moderate Unreviewed

CVE-2023-28912 was published Jun 28, 2025

Flock Safety LPR (License Plate Reader) devices with firmware through 2.2 have cleartext storage... Low Unreviewed

CVE-2025-47824 was published Jun 27, 2025

Flock Safety Gunshot Detection devices before 1.3 have cleartext storage of code. Low Unreviewed

CVE-2025-47820 was published Jun 27, 2025

Previous1…22 Next

Previous 1 2 3 4 5 … 21 22 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

537 advisories