Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

261 advisories

Loading
User passwords are decrypted and stored on memory before any user logged in. Those decrypted... Moderate Unreviewed
CVE-2024-29146 was published Nov 26, 2024
An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. When a backup file is created... Moderate Unreviewed
CVE-2020-11918 was published Nov 7, 2024
Insufficiently protected credentials in DAV server settings in 1C-Bitrix Bitrix24 23.300.100... Moderate Unreviewed
CVE-2024-34891 was published Nov 4, 2024
This vulnerability exists in TP-Link IoT Smart Hub due to storage of Wi-Fi credentials in plain... Moderate Unreviewed
CVE-2024-10523 was published Nov 4, 2024
mintplex-labs/anything-llm version latest contains a vulnerability where sensitive information,... Moderate Unreviewed
CVE-2024-7783 was published Oct 29, 2024
The conformance validation endpoint is public so everybody can verify the conformance of... Moderate Unreviewed
CVE-2024-9802 was published Oct 10, 2024
A vulnerability in the Cisco Nexus Dashboard Fabric Controller (NDFC) software, formerly Cisco... Moderate Unreviewed
CVE-2024-20448 was published Oct 2, 2024
Cleartext storage of passwords in Infinera TNMS (Transcend Network Management System) Server 19... Moderate Unreviewed
CVE-2024-25658 was published Oct 1, 2024
An issue was discovered in Infinera hiT 7300 5.60.50. Cleartext storage of sensitive information... Moderate Unreviewed
CVE-2024-28807 was published Sep 30, 2024
An issue was discovered in Infinera hiT 7300 5.60.50. Sensitive information inside diagnostic... Moderate Unreviewed
CVE-2024-28810 was published Sep 30, 2024
A flaw was found in oVirt. A user with administrator privileges, including users with the... Moderate Unreviewed
CVE-2024-7259 was published Sep 26, 2024
The configuration file stores credentials in cleartext. An attacker with local access rights can... Moderate Unreviewed
CVE-2024-6785 was published Sep 21, 2024
A vulnerability, which was classified as problematic, was found in code-projects Blood Bank... Moderate Unreviewed
CVE-2024-9040 was published Sep 20, 2024
An issue in Texas Instruments Fusion Digital Power Designer v.7.10.1 allows a local attacker to... Moderate Unreviewed
CVE-2024-41629 was published Sep 12, 2024
A problem with the ActiveMQ integration for both Cortex XSOAR and Cortex XSIAM can result in the... Moderate Unreviewed
CVE-2024-8689 was published Sep 11, 2024
A cleartext storage of sensitive information in memory vulnerability [CWE-316] affecting... Moderate Unreviewed
CVE-2024-35282 was published Sep 10, 2024
In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: dcp: fix leak... Moderate Unreviewed
CVE-2024-45004 was published Sep 4, 2024
IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0... Moderate Unreviewed
CVE-2024-25024 was published Aug 15, 2024
An information exposure vulnerability in Palo Alto Networks PAN-OS software enables a local... Moderate Unreviewed
CVE-2024-5916 was published Aug 14, 2024
Insecure Permissions vulnerability in Cosy+ devices running a firmware 21.x below 21.2s10 or a... Moderate Unreviewed
CVE-2024-33892 was published Aug 2, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to unencrypted storing of WPA... Moderate Unreviewed
CVE-2024-41689 was published Jul 26, 2024
Plaintext vulnerability in the Gallery search module. Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2024-39674 was published Jul 25, 2024
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 temporarily stores data from... Moderate Unreviewed
CVE-2024-39732 was published Jul 14, 2024
IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0... Moderate Unreviewed
CVE-2024-25023 was published Jul 10, 2024
Linksys Velop Pro 6E 1.0.8 MX6200_1.0.8.215731 and 7 1.0.10.215314 devices send cleartext Wi-Fi... Moderate Unreviewed
CVE-2024-40750 was published Jul 9, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database