Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,087
Maven
5,000+
npm
3,751
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

467 advisories

Loading
Affected devices store the CLI user passwords encrypted in flash memory. Attackers with physical... Moderate Unreviewed
CVE-2022-46142 was published Dec 13, 2022
IBM Cognos Command Center 10.2.4.1 and 10.2.5 could disclose highly sensitive user information to... Moderate Unreviewed
CVE-2024-31899 was published Sep 26, 2024
When an attacker manages to get access to the local memory, or the memory dump of a victim, for... Moderate Unreviewed
CVE-2021-38150 was published May 24, 2022
In JetBrains TeamCity before 2024.12 password field value were accessible to users with view... Moderate Unreviewed
CVE-2024-56354 was published Dec 20, 2024
IBM Robotic Process Automation 21.0.1, 21.0.2, and 21.0.3 could allow a user with psychical... Moderate Unreviewed
CVE-2022-33954 was published Dec 19, 2024
This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sonoma... Moderate Unreviewed
CVE-2024-54471 was published Dec 12, 2024
Claris International has successfully resolved an issue of potentially exposing password... Moderate Unreviewed
CVE-2023-42955 was published May 14, 2024
A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions <... Moderate Unreviewed
CVE-2024-53832 was published Dec 10, 2024
A vulnerability in the storage of proxy server credentials of Cisco Firepower Management Center ... Moderate Unreviewed
CVE-2021-1126 was published May 24, 2022
Seth Fogie, member of the AXIS Camera Station Pro Bug Bounty Program, has found that the Incident... Moderate Unreviewed
CVE-2024-6749 was published Nov 26, 2024
Insufficiently protected credentials issue exists in AIPHONE IX SYSTEM and IXG SYSTEM. A network... Moderate Unreviewed
CVE-2024-39290 was published Nov 22, 2024
AIPHONE IXG SYSTEM IXG-2C7 firmware Ver.2.03 and earlier and IXG-2C7-L firmware Ver.2.03 and... Moderate Unreviewed
CVE-2024-47142 was published Nov 22, 2024
A vulnerability in the web-based management interface of Cisco&nbsp;SD-WAN vManage Software could... Moderate Unreviewed
CVE-2021-1232 was published Nov 18, 2024
Password stored in a recoverable format by Jenkins OpenId Connect Authentication Plugin Moderate
CVE-2023-50770 was published for org.jenkins-ci.plugins:oic-auth (Maven) Dec 13, 2023
westonsteimel
 VMware Avi Load Balancer contains an information disclosure vulnerability. A malicious actor... Moderate Unreviewed
CVE-2024-22266 was published May 8, 2024
An issue was discovered in Couchbase Server before 7.2.4. ns_server admin credentials are leaked... Moderate Unreviewed
CVE-2023-50436 was published Feb 29, 2024
OpenC3 stores passwords in clear text (`GHSL-2024-129`) Moderate
CVE-2024-47529 was published for @openc3/tool-common (RubyGems) Oct 2, 2024
p-
Jenkins Credentials plugin reveals encrypted values of credentials to users with Extended Read permission Moderate
CVE-2024-47805 was published for org.jenkins-ci.plugins:credentials (Maven) Oct 2, 2024
In SAP NetWeaver Java (Software Update Manager 1.1), under certain conditions when a software... Moderate Unreviewed
CVE-2024-47588 was published Nov 12, 2024
Exposed IOCTL with insufficient access control issue exists in cg6kwin2k.sys prior to 2.1.7.0. By... Moderate Unreviewed
CVE-2024-29216 was published Mar 25, 2024
Insufficiently protected credentials in DAV server settings in 1C-Bitrix Bitrix24 23.300.100... Moderate Unreviewed
CVE-2024-34883 was published Nov 4, 2024
Insufficiently protected credentials in AD/LDAP server settings in 1C-Bitrix Bitrix24 23.300.100... Moderate Unreviewed
CVE-2024-34887 was published Nov 4, 2024
Insufficiently protected credentials in SMTP server settings in 1C-Bitrix Bitrix24 23.300.100... Moderate Unreviewed
CVE-2024-34885 was published Nov 4, 2024
Insufficiently protected credentials in SMTP server settings in 1C-Bitrix Bitrix24 23.300.100... Moderate Unreviewed
CVE-2024-34882 was published Nov 4, 2024
An issue was discovered in Kape CyberGhostVPN 8.4.3.12823 on Windows. After a successful logout,... Moderate Unreviewed
CVE-2024-26330 was published Jun 11, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database