Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,856
Erlang
36
GitHub Actions
36
Go
2,488
Maven
5,000+
npm
4,104
NuGet
735
pip
3,923
Pub
12
RubyGems
945
Rust
1,017
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

388 advisories

Loading
The Eaton Foreseer software provides the feasibility for the user to configure external servers... Moderate Unreviewed
CVE-2024-31415 was published Sep 13, 2024
MedDream WEB DICOM Viewer Cleartext Transmission of Credentials Information Disclosure... Moderate Unreviewed
CVE-2025-3480 was published May 22, 2025
A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V3.3).... Moderate Unreviewed
CVE-2025-40751 was published Aug 12, 2025
Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 has... Moderate Unreviewed
CVE-2025-54394 was published Aug 7, 2025
Access to TSplus Remote Access Admin Tool is restricted to administrators (unless "Disable UAC"... Moderate Unreviewed
CVE-2025-5922 was published Jul 29, 2025
A vulnerability, which was classified as critical, was found in LB-LINK BL-AC3600 up to 1.0.22.... Moderate Unreviewed
CVE-2025-7565 was published Jul 14, 2025
Extraction of Account Connectivity Credentials (ACCs) from the IT Management Agent secure storage Moderate Unreviewed
CVE-2025-24508 was published Jul 7, 2025
A vulnerability in Synology Active Backup for Microsoft 365 allows remote authenticated attackers... Moderate Unreviewed
CVE-2025-4679 was published May 16, 2025
Insufficiently Protected Credentials in LDAP in Konica Minolta bizhub 227 Multifunction printers... Moderate Unreviewed
CVE-2025-6081 was published Jul 1, 2025
An authenticated attacker can reconfigure the target device to use an external service (such as... Moderate Unreviewed
CVE-2024-51984 was published Jun 26, 2025
A password is exposed locally. Moderate Unreviewed
CVE-2025-35941 was published Jun 11, 2025
IBM Controller 11.0.0, 11.0.1, and 11.1.0 application could allow an authenticated user to obtain... Moderate Unreviewed
CVE-2025-33079 was published May 27, 2025
An issue was discovered in Keeper Password Manager for Desktop version 16.10.2, and the... Moderate Unreviewed
CVE-2023-36266 was published Jul 12, 2023
An authorization issue was discovered in the Credential Manager feature in Zoho ManageEngine... Moderate Unreviewed
CVE-2020-8422 was published May 24, 2022
Ecovacs Home Android and iOS Mobile Applications up to version 3.3.0 contained embedded access... Moderate Unreviewed
CVE-2025-2394 was published May 23, 2025
All versions of the Medtronic 2090 Carelink Programmer are affected by a per-product username and... Moderate Unreviewed
CVE-2018-5446 was published May 13, 2022
A passback vulnerability which relates to office/small office multifunction printers and laser... Moderate Unreviewed
CVE-2025-3079 was published May 20, 2025
A passback vulnerability which relates to production printers and office multifunction printers. Moderate Unreviewed
CVE-2025-3078 was published May 20, 2025
HCL MyXalytics is affected by broken authentication. It allows attackers to compromise keys,... Moderate Unreviewed
CVE-2024-42172 was published Jan 11, 2025
The Tenda AC1200 Router model W15Ev2 V15.11.0.10(1576) is affected by a password exposure... Moderate Unreviewed
CVE-2022-40845 was published Nov 15, 2022
A vulnerability in Cisco Nexus Dashboard could allow an authenticated, local attacker with valid... Moderate Unreviewed
CVE-2024-20282 was published Apr 3, 2024
Insufficiently protected credentials for Intel(R) AMT and Intel(R) Standard Manageability may... Moderate Unreviewed
CVE-2022-30944 was published Aug 19, 2022
BEC Technologies Multiple Routers Insufficiently Protected Credentials Information Disclosure... Moderate Unreviewed
CVE-2025-2772 was published Apr 23, 2025
Some Dahua software products have a vulnerability of unauthenticated request of AES crypto key.... Moderate Unreviewed
CVE-2022-45424 was published Dec 27, 2022
Insufficiently Protected Credentials in the AD/LDAP server settings in 1C-Bitrix Bitrix24 through... Moderate Unreviewed
CVE-2022-43959 was published Jan 20, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database