Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,356
Erlang
33
GitHub Actions
22
Go
2,121
Maven
5,000+
npm
3,783
NuGet
683
pip
3,465
Pub
12
RubyGems
893
Rust
892
Swift
38
Unreviewed advisories
All unreviewed
5,000+

555 advisories

Loading
In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: dcp: fix leak... Moderate Unreviewed
CVE-2024-45004 was published Sep 4, 2024
Cleartext storage of sensitive information vulnerability exists in WindLDR and WindO/I-NV4. If... High Unreviewed
CVE-2024-41716 was published Sep 4, 2024
Tina search token leak via lock file in TinaCMS High
CVE-2024-45391 was published for @tinacms/cli (npm) Sep 3, 2024
kldavis4 mattsbennett
Cleartext Storage of Sensitive Information vulnerability in NAC Telecommunication Systems Inc.... High Unreviewed
CVE-2024-6921 was published Sep 2, 2024
A vulnerability identified in storing and reusing information in Advance Authentication. This... High Unreviewed
CVE-2021-22509 was published Aug 28, 2024
Mattermost doesn't redact remote users' original email addresses Moderate
CVE-2024-32939 was published for github.com/mattermost/mattermost/server/v8 (Go) Aug 22, 2024
IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0... Moderate Unreviewed
CVE-2024-25024 was published Aug 15, 2024
An information exposure vulnerability in Palo Alto Networks PAN-OS software enables a local... Moderate Unreviewed
CVE-2024-5916 was published Aug 14, 2024
Insecure Permissions vulnerability in Cosy+ devices running a firmware 21.x below 21.2s10 or a... Moderate Unreviewed
CVE-2024-33892 was published Aug 2, 2024
A vulnerability has been identified in Omnivise T3000 Application Server (All versions), Omnivise... High Unreviewed
CVE-2024-38877 was published Aug 2, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to storing of default... High Unreviewed
CVE-2024-41690 was published Jul 26, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to storing of FTP credentials... High Unreviewed
CVE-2024-41691 was published Jul 26, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due lack of encryption in storing... High Unreviewed
CVE-2024-41688 was published Jul 26, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to unencrypted storing of WPA... Moderate Unreviewed
CVE-2024-41689 was published Jul 26, 2024
Plaintext vulnerability in the Gallery search module. Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2024-39674 was published Jul 25, 2024
An issue was found on the Ruijie EG-2000 series gateway. An attacker can easily dump cleartext... High Unreviewed
CVE-2019-16638 was published Jul 16, 2024
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 temporarily stores data from... Moderate Unreviewed
CVE-2024-39732 was published Jul 14, 2024
IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0... Moderate Unreviewed
CVE-2024-25023 was published Jul 10, 2024
Linksys Velop Pro 6E 1.0.8 MX6200_1.0.8.215731 and 7 1.0.10.215314 devices send cleartext Wi-Fi... Moderate Unreviewed
CVE-2024-40750 was published Jul 9, 2024
The OpenAI ChatGPT app before 2024-07-05 for macOS opts out of the sandbox, and stores... Low Unreviewed
CVE-2024-40594 was published Jul 6, 2024
NewPass before 1.2.0 stores passwords (rather than password hashes) directly, which makes it... Low Unreviewed
CVE-2024-39846 was published Jun 29, 2024
A vulnerability in a password management API in Brocade Fabric OS versions before v9.2.1, v9.2.0b... Moderate Unreviewed
CVE-2024-29954 was published Jun 26, 2024
The decrypted configuration file contains the password in cleartext which is used to configure... Critical Unreviewed
CVE-2024-36497 was published Jun 24, 2024
The Kiuwan Local Analyzer (KLA) Java scanning application contains several hard-coded secrets in... High Unreviewed
CVE-2023-49113 was published Jun 20, 2024
An issue in Annonshop.app DecentralizeJustice/anonymousLocker commit 2b2b4 to ba9fd and... Moderate Unreviewed
CVE-2024-36589 was published Jun 13, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database