Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,851
Erlang
36
GitHub Actions
35
Go
2,481
Maven
5,000+
npm
4,098
NuGet
734
pip
3,914
Pub
12
RubyGems
945
Rust
1,016
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

162 advisories

Loading
An issue in PDQ Smart Deploy V.3.0.2040 allows an attacker to escalate privileges via the... Critical Unreviewed
CVE-2025-52095 was published Aug 22, 2025
Insufficiently Protected Credentials vulnerability in SicommNet BASEC on SaaS allows Password... Critical Unreviewed
CVE-2025-22372 was published Apr 14, 2025
An issue in the storage of NFC card data in Dorset DG 201 Digital Lock H5_433WBSK_v2.2_220605... Critical Unreviewed
CVE-2025-25650 was published Mar 17, 2025
Insufficiently Protected Credentials vulnerability in OpenText Identity Manager Advanced Edition... Critical Unreviewed
CVE-2024-12799 was published Mar 5, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.862 Application 20.0.2014... Critical Unreviewed
CVE-2025-27650 was published Mar 5, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.913 Application 20.0.2253... Critical Unreviewed
CVE-2025-27648 was published Mar 5, 2025
Vue Vben Admin 2.10.1 allows unauthorized login to the backend due to an issue with hardcoded... Critical Unreviewed
CVE-2025-25570 was published Feb 28, 2025
The standard user uses the run as function to start the MEAC applications with administrative... Critical Unreviewed
CVE-2025-0867 was published Feb 14, 2025
An encryption vulnerability exists in all versions prior to V15.00.001 of Rockwell Automation... Critical Unreviewed
CVE-2025-0477 was published Jan 30, 2025
Password Vulnerability in Safety production process management system v1.0 allows a remote... Critical Unreviewed
CVE-2024-57395 was published Jan 30, 2025
Pentaminds CuroVMS v2.0.1 was discovered to contain exposed credentials. Critical Unreviewed
CVE-2024-40583 was published Dec 9, 2024
STMicroelectronics SPC58 is vulnerable to Missing Protection Mechanism for Alternate Hardware... Critical Unreviewed
CVE-2023-48010 was published Dec 5, 2024
Username Enumeration vulnerabilities allow access to application level username add, delete,... Critical Unreviewed
CVE-2024-51545 was published Dec 5, 2024
Missing Authentication for Critical Function vulnerability in OpenText™ AccuRev for LDAP... Critical Unreviewed
CVE-2019-17082 was published Nov 26, 2024
On Android, Firefox may have inadvertently allowed viewing saved passwords without the required... Critical Unreviewed
CVE-2024-11703 was published Nov 26, 2024
Insufficiently Protected Credentials vulnerability in LiteSpeed Technologies LiteSpeed Cache... Critical Unreviewed
CVE-2024-44000 was published Oct 20, 2024
A Plaintext Storage of a Password vulnerability in ebooknote function in Hamastar MeetingHub... Critical Unreviewed
CVE-2024-6118 was published Aug 5, 2024
GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1... Critical Unreviewed
CVE-2024-37051 was published Jun 10, 2024
H3C ER8300G2-X is vulnerable to Incorrect Access Control. The password for the router's... Critical Unreviewed
CVE-2024-32238 was published Apr 22, 2024
Insufficiently protected credentials (CWE-522) for third party DVR integrations to the Command... Critical Unreviewed
CVE-2024-21815 was published Mar 5, 2024
TSplus Remote Work 16.0.0.0 places a cleartext password on the "var pass" line of the HTML source... Critical Unreviewed
CVE-2023-27132 was published Oct 17, 2023
NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause insufficient... Critical Unreviewed
CVE-2023-25531 was published Sep 20, 2023
An issue was discovered in Fresenius Kabi PharmaHelp 5.1.759.0 allows attackers to gain escalated... Critical Unreviewed
CVE-2022-45611 was published Aug 22, 2023
In processMessageImpl of ClientModeImpl.java, there is a possible credential disclosure in the... Critical Unreviewed
CVE-2023-20965 was published Aug 14, 2023
An isssue in GatesAIr Flexiva FM Transmitter/Exiter Fax 150W allows a remote attacker to gain... Critical Unreviewed
CVE-2023-36082 was published Aug 3, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database