GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,745
Composer 4,856
Erlang 36
GitHub Actions 36
Go 2,485
Maven 5,910
npm 4,104
NuGet 734
pip 3,918
Pub 12
RubyGems 945
Rust 1,017
Swift 39

Unreviewed advisories

All unreviewed 268,107

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

917 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Insufficient access checks in Visual Planning Admin Center 8 before v.1 Build 240207 allow... High Unreviewed

CVE-2023-49233 was published Sep 3, 2024

Authentication Bypass in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical... Moderate Unreviewed

CVE-2024-31800 was published Aug 15, 2024

IBM InfoSphere Information Server 11.7 could allow a privileged user to obtain sensitive... Moderate Unreviewed

CVE-2024-40704 was published Aug 15, 2024

A vulnerability, which was classified as problematic, has been found in SourceCodester Prison... Moderate Unreviewed

CVE-2024-7813 was published Aug 15, 2024

Protection mechanism failure for some Zoom Workplace Apps and SDKs may allow an authenticated... High Unreviewed

CVE-2024-39818 was published Aug 14, 2024

The front-end audit log allows viewing of unprotected plaintext passwords, where the passwords... High Unreviewed

CVE-2024-36460 was published Aug 12, 2024

A Plaintext Storage of a Password vulnerability in ebooknote function in Hamastar MeetingHub... Critical Unreviewed

CVE-2024-6118 was published Aug 5, 2024

The Forminator plugin for WordPress is vulnerable to Sensitive Information Exposure in all... High Unreviewed

CVE-2024-7389 was published Aug 2, 2024

A “CWE-256: Plaintext Storage of a Password” affecting the administrative account allows an... Moderate Unreviewed

CVE-2024-3082 was published Jul 31, 2024

Exposure of Sensitive Information in edge browser session proxy feature in Devolutions Remote... High Unreviewed

CVE-2024-6492 was published Jul 16, 2024

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 stores user credentials in plain... Moderate Unreviewed

CVE-2024-39733 was published Jul 14, 2024

The Avalara for Salesforce CPQ app before 7.0 for Salesforce allows attackers to read an API key.... High Unreviewed

CVE-2024-38453 was published Jul 3, 2024

The webserver utilizes basic authentication for its user login to the configuration interface. As... High Unreviewed

CVE-2023-41926 was published Jul 2, 2024

In JetBrains TeamCity before 2024.03.3 application token could be exposed in EC2 Cloud Profile... Moderate Unreviewed

CVE-2024-39879 was published Jul 1, 2024

In JetBrains TeamCity before 2024.03.3 private key could be exposed via testing GitHub App... Moderate Unreviewed

CVE-2024-39878 was published Jul 1, 2024

In JetBrains YouTrack before 2024.2.34646 user access token was sent to the third-party site Moderate Unreviewed

CVE-2024-38505 was published Jun 18, 2024

HCL DRYiCE Optibot Reset Station is impacted by a missing Strict Transport Security Header. This... Low Unreviewed

CVE-2024-30119 was published Jun 15, 2024

Utilizing default credentials, an attacker is able to log into the camera's operating system... Unknown Unreviewed

CVE-2024-38282 was published Jun 13, 2024

Logs storing credentials are insufficiently protected and can be decoded through the use of open... Unknown Unreviewed

CVE-2024-38285 was published Jun 13, 2024

IBM Jazz Reporting Service 7.0.3 stores user credentials in plain clear text which can be read by... Moderate Unreviewed

CVE-2024-25052 was published Jun 13, 2024

An issue was discovered in Kape CyberGhostVPN 8.4.3.12823 on Windows. After a successful logout,... Moderate Unreviewed

CVE-2024-26330 was published Jun 11, 2024

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ... Moderate Unreviewed

CVE-2024-35208 was published Jun 11, 2024

GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1... Critical Unreviewed

CVE-2024-37051 was published Jun 10, 2024

Insufficiently Protected Credentials vulnerability in Baxter Welch Allyn Configuration Tool may... Unknown Unreviewed

CVE-2024-5176 was published May 31, 2024

An attacker could potentially intercept credentials via the task manager and perform unauthorized... Moderate Unreviewed

CVE-2024-23583 was published May 18, 2024

Previous 1…5…37 Next

Previous 1 2 3 4 5 6 7 … 36 37 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

917 advisories