Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,051
Erlang
29
GitHub Actions
19
Go
1,887
Maven
5,000+
npm
3,602
NuGet
638
pip
3,205
Pub
10
RubyGems
852
Rust
816
Swift
35
Unreviewed advisories
All unreviewed
5,000+

485 advisories

Loading
Cleartext Storage of Sensitive Information vulnerability in NAC Telecommunication Systems Inc.... High Unreviewed
CVE-2024-6921 was published Sep 2, 2024
A vulnerability identified in storing and reusing information in Advance Authentication. This... High Unreviewed
CVE-2021-22509 was published Aug 28, 2024
Mattermost doesn't redact remote users' original email addresses Moderate
CVE-2024-32939 was published for github.com/mattermost/mattermost/server/v8 (Go) Aug 22, 2024
IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0... Moderate Unreviewed
CVE-2024-25024 was published Aug 15, 2024
An information exposure vulnerability in Palo Alto Networks PAN-OS software enables a local... Moderate Unreviewed
CVE-2024-5916 was published Aug 14, 2024
Insecure Permissions vulnerability in Cosy+ devices running a firmware 21.x below 21.2s10 or a... Moderate Unreviewed
CVE-2024-33892 was published Aug 2, 2024
A vulnerability has been identified in Omnivise T3000 Application Server (All versions), Omnivise... High Unreviewed
CVE-2024-38877 was published Aug 2, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to storing of FTP credentials... High Unreviewed
CVE-2024-41691 was published Jul 26, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to storing of default... High Unreviewed
CVE-2024-41690 was published Jul 26, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due lack of encryption in storing... High Unreviewed
CVE-2024-41688 was published Jul 26, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to unencrypted storing of WPA... Moderate Unreviewed
CVE-2024-41689 was published Jul 26, 2024
Plaintext vulnerability in the Gallery search module. Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2024-39674 was published Jul 25, 2024
IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0... Moderate Unreviewed
CVE-2024-25023 was published Jul 10, 2024
A vulnerability in a password management API in Brocade Fabric OS versions before v9.2.1, v9.2.0b... Moderate Unreviewed
CVE-2024-29954 was published Jun 26, 2024
The decrypted configuration file contains the password in cleartext which is used to configure... Critical Unreviewed
CVE-2024-36497 was published Jun 24, 2024
The Kiuwan Local Analyzer (KLA) Java scanning application contains several hard-coded secrets in... High Unreviewed
CVE-2023-49113 was published Jun 20, 2024
A vulnerability exists in the FOXMAN-UN/UNEM in which sensitive information is stored in... Low Unreviewed
CVE-2024-28024 was published Jun 11, 2024
Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 was discovered to store credentials in plaintext. High Unreviewed
CVE-2024-36790 was published Jun 7, 2024
Password confirmation stored in plain text via registration form in statamic/cms Low
CVE-2024-36119 was published for statamic/cms (Composer) Jun 2, 2024
An issue was discovered in Italtel Embrace 1.6.4. The web application inserts cleartext passwords... Moderate Unreviewed
CVE-2024-31840 was published May 21, 2024
A vulnerability has been identified in OPUPI0 AMQP/MQTT (All versions < V5.30). The affected... Moderate Unreviewed
CVE-2024-31486 was published May 14, 2024
An flaw was found in the OpenStack Platform (RHOSP) director, a toolset for installing and... Moderate Unreviewed
CVE-2024-4840 was published May 14, 2024
NETGEAR RAX30 Device Configuration Cleartext Storage Information Disclosure Vulnerability. This... Moderate Unreviewed
CVE-2023-27370 was published May 3, 2024
A vulnerability classified as problematic was found in Netgear DG834Gv5 1.6.01.34. This... Low Unreviewed
CVE-2024-4235 was published Apr 26, 2024
IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information... Low Unreviewed
CVE-2023-37396 was published Apr 19, 2024
ProTip! Advisories are also available from the GraphQL API