GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,497
Composer 4,963
Erlang 39
GitHub Actions 38
Go 2,615
Maven 6,096
npm 4,255
NuGet 760
pip 4,036
Pub 12
RubyGems 953
Rust 1,049
Swift 45

Unreviewed advisories

All unreviewed 275,680

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

324 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Nagios Log Server versions prior to 2024R2.0.2 contain a vulnerability in the AD/LDAP user import... Moderate Unreviewed

CVE-2025-34270 was published Oct 31, 2025

Cleartext Storage of Sensitive Information (CWE-312) in the Gallagher Morpho integration could... Moderate Unreviewed

CVE-2025-48428 was published Oct 23, 2025

Cleartext storage of sensitive information in Windows Kernel allows an unauthorized attacker to... Moderate Unreviewed

CVE-2025-55334 was published Oct 14, 2025

Cleartext storage of sensitive information in Smart Switch prior to version 3.7.67.2 allows local... Moderate Unreviewed

CVE-2025-21060 was published Oct 10, 2025

The YoSmart YoLink Smart Hub firmware 0382 is unencrypted, and data extracted from it can be used... Moderate Unreviewed

CVE-2025-59450 was published Oct 6, 2025

Cleartext storage of sensitive information was discovered in Click Programming Software version... Moderate Unreviewed

CVE-2025-54855 was published Sep 24, 2025

Cleartext storage of sensitive information in Microsoft PC Manager allows an unauthorized... Moderate Unreviewed

CVE-2025-49728 was published Sep 16, 2025

Obsidian GitHub Copilot Plugin versions prior to 1.1.7 store Github API token in cleartext form.... Moderate Unreviewed

CVE-2025-58401 was published Sep 5, 2025

A problem with the implementation of the MACsec protocol in Palo Alto Networks PAN-OS® results in... Moderate Unreviewed

CVE-2025-2182 was published Aug 13, 2025

A sensitive information disclosure vulnerability in Palo Alto Networks Checkov by Prisma® Cloud... Moderate Unreviewed

CVE-2025-2181 was published Aug 13, 2025

This vulnerability exists in ZKTeco WL20 due to storage of Wi-Fi credentials, configuration data... Moderate Unreviewed

CVE-2025-55280 was published Aug 13, 2025

A vulnerability has been identified in POWER METER SICAM Q100 (7KG9501-0AA01-0AA1) (All versions ... Moderate Unreviewed

CVE-2025-40753 was published Aug 12, 2025

A vulnerability has been identified in POWER METER SICAM Q100 (7KG9501-0AA01-0AA1) (All versions ... Moderate Unreviewed

CVE-2025-40752 was published Aug 12, 2025

A vulnerability classified as problematic has been found in Exrick xboot up to 3.3.4. Affected is... Moderate Unreviewed

CVE-2025-8528 was published Aug 5, 2025

A flaw was found in Ansible Automation Platform (AAP) where the Gateway API returns the client... Moderate Unreviewed

CVE-2025-7738 was published Jul 31, 2025

In JetBrains TeamCity before 2025.07 password exposure was possible via command line in the "hg... Moderate Unreviewed

CVE-2025-54538 was published Jul 28, 2025

In JetBrains TeamCity before 2025.07 user credentials were stored in plain text in memory snapshots Moderate Unreviewed

CVE-2025-54537 was published Jul 28, 2025

Medtronic MyCareLink Patient Monitor uses an unencrypted filesystem on internal storage, which... Moderate Unreviewed

CVE-2025-4394 was published Jul 25, 2025

Unencrypted storage in the database in Two App Studio Journey v5.5.9 for iOS allows local... Moderate Unreviewed

CVE-2025-41458 was published Jul 21, 2025

A vulnerability in the ascgshell, of Brocade ASCG before 3.3.0 stores any command executed in... Moderate Unreviewed

CVE-2025-7397 was published Jul 18, 2025

This vulnerability exists in Digisol DG-GR6821AC Router due to use of default admin credentials... Moderate Unreviewed

CVE-2025-53758 was published Jul 16, 2025

This vulnerability exists in Digisol DG-GR6821AC Router due to storage of credentials and PINS... Moderate Unreviewed

CVE-2025-53755 was published Jul 16, 2025

Credentials are not cleared from memory after being used. A user with Administrator permissions... Moderate Unreviewed

CVE-2024-24915 was published Jun 29, 2025

The MIB3 unit stores the synchronized phone contact book in clear-text, allowing an attacker with... Moderate Unreviewed

CVE-2023-28912 was published Jun 28, 2025

A local, low-privileged attacker can learn the password of the connected controller in PLC... Moderate Unreviewed

CVE-2025-41647 was published Jun 26, 2025

Previous1…13 Next

Previous 1 2 3 4 5 … 12 13 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

324 advisories