Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,035
Maven
5,000+
npm
3,732
NuGet
662
pip
3,413
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+

310 advisories

Loading
IBM OpenPages with Watson 9.0 may write sensitive information, under specific configurations, in... Moderate Unreviewed
CVE-2024-35117 was published Dec 11, 2024
Oxide before 6 has unencrypted Control Plane datastores. Moderate Unreviewed
CVE-2024-55582 was published Dec 9, 2024
This vulnerability exists in the TP-Link Archer C50 due to presence of terminal access on a... Moderate Unreviewed
CVE-2024-54127 was published Dec 5, 2024
This vulnerability exists in the Tinxy mobile app due to storage of logged-in user information in... Moderate Unreviewed
CVE-2024-12094 was published Dec 5, 2024
Python package "zhmcclient" stores passwords in clear text in its HMC and API logs Moderate
CVE-2024-53865 was published for zhmcclient (pip) Dec 2, 2024
andy-maier
User passwords are decrypted and stored on memory before any user logged in. Those decrypted... Moderate Unreviewed
CVE-2024-29146 was published Nov 26, 2024
Using remote content in OpenPGP encrypted messages can lead to the disclosure of plaintext. This... Moderate Unreviewed
CVE-2024-11159 was published Nov 13, 2024
An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. When a backup file is created... Moderate Unreviewed
CVE-2020-11918 was published Nov 7, 2024
Insufficiently protected credentials in DAV server settings in 1C-Bitrix Bitrix24 23.300.100... Moderate Unreviewed
CVE-2024-34891 was published Nov 4, 2024
This vulnerability exists in TP-Link IoT Smart Hub due to storage of Wi-Fi credentials in plain... Moderate Unreviewed
CVE-2024-10523 was published Nov 4, 2024
mintplex-labs/anything-llm version latest contains a vulnerability where sensitive information,... Moderate Unreviewed
CVE-2024-7783 was published Oct 29, 2024
The conformance validation endpoint is public so everybody can verify the conformance of... Moderate Unreviewed
CVE-2024-9802 was published Oct 10, 2024
OpenC3 stores passwords in clear text (`GHSL-2024-129`) Moderate
CVE-2024-47529 was published for @openc3/tool-common (RubyGems) Oct 2, 2024
p-
A vulnerability in the Cisco Nexus Dashboard Fabric Controller (NDFC) software, formerly Cisco... Moderate Unreviewed
CVE-2024-20448 was published Oct 2, 2024
Cleartext storage of passwords in Infinera TNMS (Transcend Network Management System) Server 19... Moderate Unreviewed
CVE-2024-25658 was published Oct 1, 2024
An issue was discovered in Infinera hiT 7300 5.60.50. Cleartext storage of sensitive information... Moderate Unreviewed
CVE-2024-28807 was published Sep 30, 2024
An issue was discovered in Infinera hiT 7300 5.60.50. Sensitive information inside diagnostic... Moderate Unreviewed
CVE-2024-28810 was published Sep 30, 2024
A flaw was found in oVirt. A user with administrator privileges, including users with the... Moderate Unreviewed
CVE-2024-7259 was published Sep 26, 2024
The configuration file stores credentials in cleartext. An attacker with local access rights can... Moderate Unreviewed
CVE-2024-6785 was published Sep 21, 2024
A vulnerability, which was classified as problematic, was found in code-projects Blood Bank... Moderate Unreviewed
CVE-2024-9040 was published Sep 20, 2024
An issue in Texas Instruments Fusion Digital Power Designer v.7.10.1 allows a local attacker to... Moderate Unreviewed
CVE-2024-41629 was published Sep 12, 2024
A problem with the ActiveMQ integration for both Cortex XSOAR and Cortex XSIAM can result in the... Moderate Unreviewed
CVE-2024-8689 was published Sep 11, 2024
A cleartext storage of sensitive information in memory vulnerability [CWE-316] affecting... Moderate Unreviewed
CVE-2024-35282 was published Sep 10, 2024
In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: dcp: fix leak... Moderate Unreviewed
CVE-2024-45004 was published Sep 4, 2024
Mattermost doesn't redact remote users' original email addresses Moderate
CVE-2024-32939 was published for github.com/mattermost/mattermost/server/v8 (Go) Aug 22, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database