Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,855
Erlang
36
GitHub Actions
35
Go
2,481
Maven
5,000+
npm
4,102
NuGet
734
pip
3,915
Pub
12
RubyGems
945
Rust
1,017
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

327 advisories

Loading
IBM Sterling Partner Engagement Manager 6.1.0, 6.2.0, 6.2.2 JWT secret is stored in public Helm... High Unreviewed
CVE-2025-33093 was published May 7, 2025
Insufficiently Protected Credentials vulnerability in ABB Aspect.This issue affects Aspect:... High Unreviewed
CVE-2025-53188 was published Aug 11, 2025
Dell Digital Delivery, versions prior to 5.6.1.0, contains an Insufficiently Protected... High Unreviewed
CVE-2025-38739 was published Aug 4, 2025
CyberData 011209 Intercom does not properly store or protect web server admin credentials. High Unreviewed
CVE-2025-30183 was published Jun 10, 2025
Allegro WIndows 3.3.4152.0, embeds software administrator database credentials into its binary... High Unreviewed
CVE-2021-43978 was published Dec 9, 2021
A vulnerability was discovered in all versions of Medtronic MyCareLink 24950 and 24952 Patient... High Unreviewed
CVE-2018-10622 was published May 13, 2022
A credential exposure vulnerability in Electrolink 500W, 1kW, 2kW Medium DAB Transmitter Web v01... High Unreviewed
CVE-2025-28228 was published Apr 21, 2025
Sera 1.2 stores the user's login password in plain text in their home directory. This makes... High Unreviewed
CVE-2017-15918 was published May 13, 2022
PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to... High Unreviewed
CVE-2017-7547 was published May 13, 2022
An Insufficiently Protected Credentials issue was discovered in Sierra Wireless AirLink Raven XE,... High Unreviewed
CVE-2017-6046 was published May 13, 2022
A design flaw in authentication in Synology Photo Station 6.0-2528 through 6.7.1-3419 allows... High Unreviewed
CVE-2017-9552 was published May 13, 2022
register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1 allows remote attackers to... High Unreviewed
CVE-2017-9557 was published May 13, 2022
kedpm 0.5 and 1.0 creates a history file in ~/.kedpm/history that is written in cleartext. All of... High Unreviewed
CVE-2017-8296 was published May 13, 2022
PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pg_user_mappings view which... High Unreviewed
CVE-2017-7486 was published May 14, 2022
An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is affected by plaintext password... High Unreviewed
CVE-2017-6528 was published May 13, 2022
Some Dahua software products have a vulnerability of unauthenticated request of MQTT credentials.... High Unreviewed
CVE-2022-45423 was published Dec 27, 2022
LG Simple Editor getServerSetting Authentication Bypass Vulnerability. This vulnerability allows... High Unreviewed
CVE-2023-40510 was published May 3, 2024
LG Simple Editor checkServer Authentication Bypass Vulnerability. This vulnerability allows... High Unreviewed
CVE-2023-40511 was published May 3, 2024
Insufficiently protected credentials in Azure Local Cluster allows an authorized attacker to... High Unreviewed
CVE-2025-26628 was published Apr 8, 2025
In freeradius, the EAP-PWD function compute_password_element() leaks information about the... High Unreviewed
CVE-2022-41859 was published Jan 17, 2023
admin_news.php in Archilles Newsworld up to 1.3.0 allows attackers to bypass authentication by... High Unreviewed
CVE-2005-3435 was published May 1, 2022
Insufficiently Protected Credentials, : Improper Access Control vulnerability in Brivo ACS100,... High Unreviewed
CVE-2023-6259 was published Feb 20, 2024
Exposure of password in web-based SSH authentication component in Devolutions Server 2024.3.13... High Unreviewed
CVE-2025-2277 was published Mar 13, 2025
The exposure of credentials in the call forwarding configuration module in MeetMe products in... High Unreviewed
CVE-2025-2908 was published Mar 28, 2025
HGW BL1500HM Ver 002.001.013 and earlier contains a use of week credentials issue. A network... High Unreviewed
CVE-2024-29071 was published Mar 25, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database