Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

537 advisories

Loading
Obsidian GitHub Copilot Plugin versions prior to 1.1.7 store Github API token in cleartext form.... Moderate Unreviewed
CVE-2025-58401 was published Sep 5, 2025
Credentials are not cleared from memory after being used. A user with Administrator permissions... Moderate Unreviewed
CVE-2024-24915 was published Jun 29, 2025
Telpo MDM 1.4.6 thru 1.4.9 for Android contains sensitive administrator credentials and MQTT... Critical Unreviewed
CVE-2025-55443 was published Aug 26, 2025
The Eaton Foreseer software provides the feasibility for the user to configure external servers... Moderate Unreviewed
CVE-2024-31415 was published Sep 13, 2024
A local user may find a configuration file on the client workstation with unencrypted sensitive... High Unreviewed
CVE-2024-23942 was published Mar 18, 2025
BEC Technologies Multiple Routers Cleartext Password Storage Information Disclosure Vulnerability... Moderate Unreviewed
CVE-2025-2770 was published Apr 23, 2025
A sensitive information disclosure vulnerability in Palo Alto Networks Checkov by Prisma® Cloud... Moderate Unreviewed
CVE-2025-2181 was published Aug 13, 2025
A problem with the implementation of the MACsec protocol in Palo Alto Networks PAN-OS® results in... Moderate Unreviewed
CVE-2025-2182 was published Aug 13, 2025
This vulnerability exists in ZKTeco WL20 due to storage of Wi-Fi credentials, configuration data... Moderate Unreviewed
CVE-2025-55280 was published Aug 13, 2025
This vulnerability exists in ZKTeco WL20 due to storage of admin and user credentials without... High Unreviewed
CVE-2025-54464 was published Aug 13, 2025
IBM Security Guardium Data Encryption (GDE) 3.0.0.2 stores sensitive information in URL... Moderate Unreviewed
CVE-2019-4687 was published May 24, 2022
A vulnerability has been identified in POWER METER SICAM Q100 (7KG9501-0AA01-0AA1) (All versions ... Moderate Unreviewed
CVE-2025-40752 was published Aug 12, 2025
A vulnerability has been identified in POWER METER SICAM Q100 (7KG9501-0AA01-0AA1) (All versions ... Moderate Unreviewed
CVE-2025-40753 was published Aug 12, 2025
Insecure Data Storage of credentials has been found in /api_vedo/configuration/config.yml file in... High Unreviewed
CVE-2025-51055 was published Aug 6, 2025
In the configuration file of racoon in the TRENDnet TEW-WLC100P 2.03b03, the first item of... High Unreviewed
CVE-2025-44649 was published Jul 21, 2025
A vulnerability classified as problematic has been found in Exrick xboot up to 3.3.4. Affected is... Moderate Unreviewed
CVE-2025-8528 was published Aug 5, 2025
A flaw was found in Ansible Automation Platform (AAP) where the Gateway API returns the client... Moderate Unreviewed
CVE-2025-7738 was published Jul 31, 2025
An issue was discovered on Marbella KR8s Dashcam FF 2.0.8 devices. When a new SD card is inserted... Critical Unreviewed
CVE-2025-30124 was published Jul 28, 2025
In JetBrains TeamCity before 2025.07 user credentials were stored in plain text in memory snapshots Moderate Unreviewed
CVE-2025-54537 was published Jul 28, 2025
In JetBrains TeamCity before 2025.07 password exposure was possible via command line in the "hg... Moderate Unreviewed
CVE-2025-54538 was published Jul 28, 2025
Medtronic MyCareLink Patient Monitor uses an unencrypted filesystem on internal storage, which... Moderate Unreviewed
CVE-2025-4394 was published Jul 25, 2025
A vulnerability in the implementation of the Cisco Network Plug-and-Play (PnP) agent of Cisco DNA... Moderate Unreviewed
CVE-2023-20059 was published Mar 23, 2023
A vulnerability in the configuration archive functionality of Cisco DNA Center could allow any... Moderate Unreviewed
CVE-2021-1265 was published May 24, 2022
Unencrypted storage in the database in Two App Studio Journey v5.5.9 for iOS allows local... Moderate Unreviewed
CVE-2025-41458 was published Jul 21, 2025
A vulnerability in the ascgshell, of Brocade ASCG before 3.3.0 stores any command executed in... Moderate Unreviewed
CVE-2025-7397 was published Jul 18, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database