Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,314
Erlang
31
GitHub Actions
21
Go
2,072
Maven
5,000+
npm
3,744
NuGet
674
pip
3,433
Pub
12
RubyGems
892
Rust
880
Swift
37
Unreviewed advisories
All unreviewed
5,000+

467 advisories

Loading
In JetBrains TeamCity before 2024.12 password field value were accessible to users with view... Moderate Unreviewed
CVE-2024-56354 was published Dec 20, 2024
IBM Robotic Process Automation 21.0.1, 21.0.2, and 21.0.3 could allow a user with psychical... Moderate Unreviewed
CVE-2022-33954 was published Dec 19, 2024
This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sonoma... Moderate Unreviewed
CVE-2024-54471 was published Dec 12, 2024
A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions <... Moderate Unreviewed
CVE-2024-53832 was published Dec 10, 2024
Seth Fogie, member of the AXIS Camera Station Pro Bug Bounty Program, has found that the Incident... Moderate Unreviewed
CVE-2024-6749 was published Nov 26, 2024
AIPHONE IXG SYSTEM IXG-2C7 firmware Ver.2.03 and earlier and IXG-2C7-L firmware Ver.2.03 and... Moderate Unreviewed
CVE-2024-47142 was published Nov 22, 2024
Insufficiently protected credentials issue exists in AIPHONE IX SYSTEM and IXG SYSTEM. A network... Moderate Unreviewed
CVE-2024-39290 was published Nov 22, 2024
A vulnerability in the web-based management interface of Cisco&nbsp;SD-WAN vManage Software could... Moderate Unreviewed
CVE-2021-1232 was published Nov 18, 2024
In SAP NetWeaver Java (Software Update Manager 1.1), under certain conditions when a software... Moderate Unreviewed
CVE-2024-47588 was published Nov 12, 2024
Insufficiently protected credentials in SMTP server settings in 1C-Bitrix Bitrix24 23.300.100... Moderate Unreviewed
CVE-2024-34885 was published Nov 4, 2024
Insufficiently protected credentials in AD/LDAP server settings in 1C-Bitrix Bitrix24 23.300.100... Moderate Unreviewed
CVE-2024-34887 was published Nov 4, 2024
Insufficiently protected credentials in DAV server settings in 1C-Bitrix Bitrix24 23.300.100... Moderate Unreviewed
CVE-2024-34883 was published Nov 4, 2024
Insufficiently protected credentials in SMTP server settings in 1C-Bitrix Bitrix24 23.300.100... Moderate Unreviewed
CVE-2024-34882 was published Nov 4, 2024
IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 transmits or stores authentication... Moderate Unreviewed
CVE-2023-50310 was published Oct 23, 2024
The insufficiently protected credentials vulnerability in the CLI command of the USG FLEX H... Moderate Unreviewed
CVE-2024-9677 was published Oct 22, 2024
A vulnerability in the web-based management interface of Cisco ATA 190 Series Multiplatform... Moderate Unreviewed
CVE-2024-20462 was published Oct 16, 2024
In JetBrains TeamCity before 2024.07.3 password could be exposed via Sonar runner REST API Moderate Unreviewed
CVE-2024-47161 was published Oct 8, 2024
OpenC3 stores passwords in clear text (`GHSL-2024-129`) Moderate
CVE-2024-47529 was published for @openc3/tool-common (RubyGems) Oct 2, 2024
p-
Jenkins Credentials plugin reveals encrypted values of credentials to users with Extended Read permission Moderate
CVE-2024-47805 was published for org.jenkins-ci.plugins:credentials (Maven) Oct 2, 2024
Advantech ADAM-5630 shares user credentials plain text between the device and the user source... Moderate Unreviewed
CVE-2024-34542 was published Sep 27, 2024
Advantech ADAM-5550 share user credentials with a low level of encryption, consisting of base 64... Moderate Unreviewed
CVE-2024-37187 was published Sep 27, 2024
IBM Cognos Command Center 10.2.4.1 and 10.2.5 could disclose highly sensitive user information to... Moderate Unreviewed
CVE-2024-31899 was published Sep 26, 2024
IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and... Moderate Unreviewed
CVE-2024-40703 was published Sep 22, 2024
In JetBrains YouTrack before 2024.3.44799 token could be revealed on Imports page Moderate Unreviewed
CVE-2024-47162 was published Sep 19, 2024
The Eaton Foreseer software provides the feasibility for the user to configure external servers... Moderate Unreviewed
CVE-2024-31415 was published Sep 13, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database