Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,855
Erlang
36
GitHub Actions
36
Go
2,481
Maven
5,000+
npm
4,103
NuGet
734
pip
3,917
Pub
12
RubyGems
945
Rust
1,017
Swift
39
Unreviewed advisories
All unreviewed
5,000+

38 advisories

Loading
XWiki PDF export jobs store sensitive cookies unencrypted in job statuses Moderate
CVE-2025-58049 was published for org.xwiki.platform:xwiki-platform-export-pdf-api (Maven) Aug 28, 2025
An issue was discovered in Commvault before 11.36.60. During the brief window between... Moderate Unreviewed
CVE-2025-57789 was published Aug 20, 2025
Amazon EMR Secret Agent creates a keytab file containing Kerberos credentials. This file is... Critical Unreviewed
CVE-2025-8904 was published Aug 13, 2025
RUCKUS Network Director (RND) before 4.5 stores passwords in a recoverable format. Moderate Unreviewed
CVE-2025-44958 was published Aug 4, 2025
Improper use of encryption in the agent of Ivanti Endpoint Manager before version 2024 SU3 and... High Unreviewed
CVE-2025-6996 was published Jul 8, 2025
Improper use of encryption in the agent of Ivanti Endpoint Manager before version 2024 SU3 and... High Unreviewed
CVE-2025-6995 was published Jul 8, 2025
The VNC application stores its passwords encrypted within the registry but uses DES for... Moderate Unreviewed
CVE-2025-27459 was published Jul 3, 2025
Weak password storage vulnerabilities exist in ASPECT if administrator credentials become... High Unreviewed
CVE-2024-51552 was published May 22, 2025
An issue in Macro-video Technologies Co.,Ltd V380 Pro android application 2.1.44 and V380 Pro... Low Unreviewed
CVE-2025-25983 was published Apr 18, 2025
A storing passwords in a recoverable format in Fortinet FortiOS versions 7.2.0 through 7.2.1... Low Unreviewed
CVE-2024-32122 was published Apr 8, 2025
Storing passwords in a recoverable format issue exists in CHOCO TEI WATCHER mini (IB-MCT001) all... Moderate Unreviewed
CVE-2025-24852 was published Mar 31, 2025
The SIMPLE.ERP client stores superuser password in a recoverable format, allowing any... High Unreviewed
CVE-2024-8774 was published Mar 24, 2025
User passwords are decrypted and stored on memory before any user logged in. Those decrypted... Moderate Unreviewed
CVE-2024-32151 was published Nov 26, 2024
A vulnerability in the web-based management interface of Cisco ATA 190 Series Multiplatform... Moderate Unreviewed
CVE-2024-20462 was published Oct 16, 2024
TopQuadrant TopBraid EDG stores external credentials insecurely. An authenticated attacker with... Low Unreviewed
CVE-2024-45744 was published Sep 27, 2024
The WP Mail SMTP plugin for WordPress is vulnerable to information exposure in all versions up to... Low Unreviewed
CVE-2024-6694 was published Jul 20, 2024
Under certain circumstances the Linux users credentials may be recovered by an authenticated user. Moderate Unreviewed
CVE-2024-32756 was published Jul 2, 2024
Under certain circumstances the web interface users credentials may be recovered by an... Moderate Unreviewed
CVE-2024-32932 was published Jul 2, 2024
The key used to encrypt passwords stored in the database can be found in the CyberPower... Moderate Unreviewed
CVE-2024-32042 was published May 15, 2024
Claris International has successfully resolved an issue of potentially exposing password... Moderate Unreviewed
CVE-2023-42955 was published May 14, 2024
Use of reversible password encryption algorithm allows attackers to decrypt passwords.  Sensitive... Moderate Unreviewed
CVE-2024-3543 was published May 2, 2024
Unitronics Vision Standard line of controllers allow the Information Mode password to be... High Unreviewed
CVE-2024-1480 was published Apr 20, 2024
IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in a OpenPages... Moderate Unreviewed
CVE-2023-38738 was published Jan 19, 2024
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0... Moderate Unreviewed
CVE-2023-31001 was published Jan 11, 2024
A vulnerability has been identified in NPort 6000 Series, making the authentication mechanism... High Unreviewed
CVE-2023-5627 was published Nov 1, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database