GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,835
Composer 4,870
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,926
npm 4,126
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,021
Swift 39

Unreviewed advisories

All unreviewed 269,151

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

317 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Obsidian GitHub Copilot Plugin versions prior to 1.1.7 store Github API token in cleartext form.... Moderate Unreviewed

CVE-2025-58401 was published Sep 5, 2025

A sensitive information disclosure vulnerability in Palo Alto Networks Checkov by Prisma® Cloud... Moderate Unreviewed

CVE-2025-2181 was published Aug 13, 2025

A problem with the implementation of the MACsec protocol in Palo Alto Networks PAN-OS® results in... Moderate Unreviewed

CVE-2025-2182 was published Aug 13, 2025

This vulnerability exists in ZKTeco WL20 due to storage of Wi-Fi credentials, configuration data... Moderate Unreviewed

CVE-2025-55280 was published Aug 13, 2025

A vulnerability has been identified in POWER METER SICAM Q100 (7KG9501-0AA01-0AA1) (All versions ... Moderate Unreviewed

CVE-2025-40752 was published Aug 12, 2025

A vulnerability has been identified in POWER METER SICAM Q100 (7KG9501-0AA01-0AA1) (All versions ... Moderate Unreviewed

CVE-2025-40753 was published Aug 12, 2025

A vulnerability classified as problematic has been found in Exrick xboot up to 3.3.4. Affected is... Moderate Unreviewed

CVE-2025-8528 was published Aug 5, 2025

A flaw was found in Ansible Automation Platform (AAP) where the Gateway API returns the client... Moderate Unreviewed

CVE-2025-7738 was published Jul 31, 2025

In JetBrains TeamCity before 2025.07 user credentials were stored in plain text in memory snapshots Moderate Unreviewed

CVE-2025-54537 was published Jul 28, 2025

In JetBrains TeamCity before 2025.07 password exposure was possible via command line in the "hg... Moderate Unreviewed

CVE-2025-54538 was published Jul 28, 2025

Medtronic MyCareLink Patient Monitor uses an unencrypted filesystem on internal storage, which... Moderate Unreviewed

CVE-2025-4394 was published Jul 25, 2025

Unencrypted storage in the database in Two App Studio Journey v5.5.9 for iOS allows local... Moderate Unreviewed

CVE-2025-41458 was published Jul 21, 2025

A vulnerability in the ascgshell, of Brocade ASCG before 3.3.0 stores any command executed in... Moderate Unreviewed

CVE-2025-7397 was published Jul 18, 2025

This vulnerability exists in Digisol DG-GR6821AC Router due to use of default admin credentials... Moderate Unreviewed

CVE-2025-53758 was published Jul 16, 2025

This vulnerability exists in Digisol DG-GR6821AC Router due to storage of credentials and PINS... Moderate Unreviewed

CVE-2025-53755 was published Jul 16, 2025

Credentials are not cleared from memory after being used. A user with Administrator permissions... Moderate Unreviewed

CVE-2024-24915 was published Jun 29, 2025

The MIB3 unit stores the synchronized phone contact book in clear-text, allowing an attacker with... Moderate Unreviewed

CVE-2023-28912 was published Jun 28, 2025

A local, low-privileged attacker can learn the password of the connected controller in PLC... Moderate Unreviewed

CVE-2025-41647 was published Jun 26, 2025

IBM InfoSphere Information Server 11.7 stores credential information for database authentication... Moderate Unreviewed

CVE-2025-1499 was published Jun 1, 2025

Dell ThinOS 2502 and prior contain a Cleartext Storage of Sensitive Information vulnerability. A... Moderate Unreviewed

CVE-2025-32752 was published May 29, 2025

The data stored in Be-Tech Mifare Classic card is stored in cleartext. An attacker having access... Moderate Unreviewed

CVE-2025-4053 was published May 26, 2025

A vulnerability, which was classified as problematic, was found in PhonePe App 25.03.21.0 on... Moderate Unreviewed

CVE-2025-5154 was published May 25, 2025

The local iLabClient database in itech iLabClient 3.7.1 allows local attackers to read cleartext... Moderate Unreviewed

CVE-2024-56428 was published May 21, 2025

Insufficient encryption vulnerability in the mobile application (com.transsion.aivoiceassistant)... Moderate Unreviewed

CVE-2025-4737 was published May 15, 2025

A vulnerability in the “Backup & Restore” functionality of the web application of ctrlX OS allows... Moderate Unreviewed

CVE-2025-27532 was published Apr 30, 2025

Previous1…13 Next

Previous 1 2 3 4 5 … 12 13 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

317 advisories