GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
267 advisories
Filter by severity
A Cleartext Storage of Sensitive Information vulnerability [CWE-312] in FortiClientWindows 7.4.0...
Moderate
Unreviewed
CVE-2024-50570
was published
Dec 18, 2024
Oxide before 6 has unencrypted Control Plane datastores.
Moderate
Unreviewed
CVE-2024-55582
was published
Dec 9, 2024
IBM OpenPages with Watson 9.0 may write sensitive information, under specific configurations, in...
Moderate
Unreviewed
CVE-2024-35117
was published
Dec 11, 2024
Using remote content in OpenPGP encrypted messages can lead to the disclosure of plaintext. This...
Moderate
Unreviewed
CVE-2024-11159
was published
Nov 13, 2024
This vulnerability exists in the TP-Link Archer C50 due to presence of terminal access on a...
Moderate
Unreviewed
CVE-2024-54127
was published
Dec 5, 2024
This vulnerability exists in the Tinxy mobile app due to storage of logged-in user information in...
Moderate
Unreviewed
CVE-2024-12094
was published
Dec 5, 2024
User passwords are decrypted and stored on memory before any user logged in. Those decrypted...
Moderate
Unreviewed
CVE-2024-29146
was published
Nov 26, 2024
An issue in Annonshop.app DecentralizeJustice/anonymousLocker commit 2b2b4 to ba9fd and...
Moderate
Unreviewed
CVE-2024-36589
was published
Jun 13, 2024
An flaw was found in the OpenStack Platform (RHOSP) director, a toolset for installing and...
Moderate
Unreviewed
CVE-2024-4840
was published
May 14, 2024
Cleartext storage of passwords in Infinera TNMS (Transcend Network Management System) Server 19...
Moderate
Unreviewed
CVE-2024-25658
was published
Oct 1, 2024
Linksys Velop Pro 6E 1.0.8 MX6200_1.0.8.215731 and 7 1.0.10.215314 devices send cleartext Wi-Fi...
Moderate
Unreviewed
CVE-2024-40750
was published
Jul 9, 2024
An issue was discovered in Solar-Log 500 before 2.8.2 Build 52 23.04.2013. In /export.html, email...
Moderate
Unreviewed
CVE-2021-34544
was published
Dec 8, 2021
This vulnerability exists in TP-Link IoT Smart Hub due to storage of Wi-Fi credentials in plain...
Moderate
Unreviewed
CVE-2024-10523
was published
Nov 4, 2024
A user with permission to log on to the machine hosting the AXIS Device Manager client could...
Moderate
Unreviewed
CVE-2021-31989
was published
May 24, 2022
An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. When a backup file is created...
Moderate
Unreviewed
CVE-2020-11918
was published
Nov 7, 2024
Insufficiently protected credentials in DAV server settings in 1C-Bitrix Bitrix24 23.300.100...
Moderate
Unreviewed
CVE-2024-34891
was published
Nov 4, 2024
mintplex-labs/anything-llm version latest contains a vulnerability where sensitive information,...
Moderate
Unreviewed
CVE-2024-7783
was published
Oct 29, 2024
The conformance validation endpoint is public so everybody can verify the conformance of...
Moderate
Unreviewed
CVE-2024-9802
was published
Oct 10, 2024
In the Linux kernel, the following vulnerability has been resolved:
KEYS: trusted: dcp: fix leak...
Moderate
Unreviewed
CVE-2024-45004
was published
Sep 4, 2024
A vulnerability in the Cisco Nexus Dashboard Fabric Controller (NDFC) software, formerly Cisco...
Moderate
Unreviewed
CVE-2024-20448
was published
Oct 2, 2024
An issue was discovered in Infinera hiT 7300 5.60.50. Sensitive information inside diagnostic...
Moderate
Unreviewed
CVE-2024-28810
was published
Sep 30, 2024
An issue was discovered in Infinera hiT 7300 5.60.50. Cleartext storage of sensitive information...
Moderate
Unreviewed
CVE-2024-28807
was published
Sep 30, 2024
In SAP BusinessObjects Business Intelligence - version 420, If a user logs in to a particular...
Moderate
Unreviewed
CVE-2023-39440
was published
Aug 8, 2023
The configuration file stores credentials in cleartext. An attacker with local access rights can...
Moderate
Unreviewed
CVE-2024-6785
was published
Sep 21, 2024
A vulnerability, which was classified as problematic, was found in code-projects Blood Bank...
Moderate
Unreviewed
CVE-2024-9040
was published
Sep 20, 2024
ProTip!
Advisories are also available from the
GraphQL API