GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,070 advisories
On Android, Firefox may have inadvertently allowed viewing saved passwords without the required...
Critical · Unreviewed · CVE-2024-11703 was published Nov 26, 2024

A vulnerability in Veeam Backup & Replication allows users with certain operator roles to expose...
High · Unreviewed · CVE-2024-42457 was published Dec 4, 2024

Username Enumeration vulnerabilities allow access to application level username add, delete,...
Critical · Unreviewed · CVE-2024-51545 was published Dec 5, 2024

A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions <...
Moderate · Unreviewed · CVE-2024-53832 was published Dec 10, 2024

The front-end audit log allows viewing of unprotected plaintext passwords, where the passwords...
High · Unreviewed · CVE-2024-36460 was published Aug 12, 2024

Claris International has successfully resolved an issue of potentially exposing password...
Moderate · Unreviewed · CVE-2023-42955 was published May 14, 2024

TP-Link TL-WR845N(UN)_V4_190219 was discovered to transmit credentials in base64 encoded form,...
High · Unreviewed · CVE-2024-46341 was published Dec 10, 2024

STMicroelectronics SPC58 is vulnerable to Missing Protection Mechanism for Alternate Hardware...
Critical · Unreviewed · CVE-2023-48010 was published Dec 5, 2024

Pentaminds CuroVMS v2.0.1 was discovered to contain exposed credentials.
Critical · Unreviewed · CVE-2024-40583 was published Dec 9, 2024

TP-Link TL-WR845N(UN)_V4_201214, TL-WR845N(UN)_V4_200909 and TL-WR845N(UN)_V4_190219 were...
High · Unreviewed · CVE-2024-50699 was published Dec 10, 2024

This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sonoma...
Moderate · Unreviewed · CVE-2024-54471 was published Dec 12, 2024

Missing Authentication for Critical Function vulnerability in OpenText™ AccuRev for LDAP...
Critical · Unreviewed · CVE-2019-17082 was published Nov 26, 2024

IBM Robotic Process Automation 21.0.1, 21.0.2, and 21.0.3 could allow a user with physical...
Moderate · Unreviewed · CVE-2022-33954 was published Dec 19, 2024

In JetBrains TeamCity before 2024.12 password field values were accessible to users with view...
Moderate · Unreviewed · CVE-2024-56354 was published Dec 20, 2024

There is an insufficient authentication vulnerability in some Huawei smart phones. An...
Low · Unreviewed · CVE-2020-9250 was published Dec 20, 2024

When an attacker manages to get access to the local memory, or the memory dump of a victim, for...
Moderate · Unreviewed · CVE-2021-38150 was published May 24, 2022

IBM Cognos Command Center 10.2.4.1 and 10.2.5 could disclose highly sensitive user information to...
Moderate · Unreviewed · CVE-2024-31899 was published Sep 26, 2024

After downloading a Windows .scf script from the local filesystem, an attacker could...
High · Unreviewed · CVE-2023-25740 was published Jun 2, 2023

An NTLM hash leak in Venki Supravizio BPM up to 18.0.1 allows authenticated attackers with...
High · Unreviewed · CVE-2024-46480 was published Jan 13, 2025

Affected devices store the CLI user passwords encrypted in flash memory. Attackers with physical...
Moderate · Unreviewed · CVE-2022-46142 was published Dec 13, 2022