GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,880
Composer 4,266
Erlang 31
GitHub Actions 21
Go 2,036
Maven 5,219
npm 3,732
NuGet 662
pip 3,413
Pub 12
RubyGems 891
Rust 866
Swift 36

Unreviewed advisories

All unreviewed 237,994

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

836 advisories

Filter by severity

Sort by

Least recently updated

This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sonoma... Moderate Unreviewed

CVE-2024-54471 was published Dec 12, 2024

TP-Link TL-WR845N(UN)_V4_190219 was discovered to transmit credentials in base64 encoded form,... High Unreviewed

CVE-2024-46341 was published Dec 10, 2024

TP-Link TL-WR845N(UN)_V4_201214, TL-WR845N(UN)_V4_200909 and TL-WR845N(UN)_V4_190219 were... High Unreviewed

CVE-2024-50699 was published Dec 10, 2024

A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions <... Moderate Unreviewed

CVE-2024-53832 was published Dec 10, 2024

Pentaminds CuroVMS v2.0.1 was discovered to contain exposed credentials. Critical Unreviewed

CVE-2024-40583 was published Dec 9, 2024

STMicroelectronics SPC58 is vulnerable to Missing Protection Mechanism for Alternate Hardware... Critical Unreviewed

CVE-2023-48010 was published Dec 5, 2024

Username Enumeration vulnerabilities allow access to application level username add, delete,... Critical Unreviewed

CVE-2024-51545 was published Dec 5, 2024

A vulnerability in Veeam Backup & Replication allows users with certain operator roles to expose... High Unreviewed

CVE-2024-42457 was published Dec 4, 2024

A security vulnerability in HPE IceWall products could be exploited remotely to cause... Low Unreviewed

CVE-2024-11856 was published Dec 2, 2024

On Android, Firefox may have inadvertently allowed viewing saved passwords without the required... Critical Unreviewed

CVE-2024-11703 was published Nov 26, 2024

Seth Fogie, member of the AXIS Camera Station Pro Bug Bounty Program, has found that the Incident... Moderate Unreviewed

CVE-2024-6749 was published Nov 26, 2024

AIPHONE IXG SYSTEM IXG-2C7 firmware Ver.2.03 and earlier and IXG-2C7-L firmware Ver.2.03 and... Moderate Unreviewed

CVE-2024-47142 was published Nov 22, 2024

Insufficiently protected credentials issue exists in AIPHONE IX SYSTEM and IXG SYSTEM. A network... Moderate Unreviewed

CVE-2024-39290 was published Nov 22, 2024

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could... Moderate Unreviewed

CVE-2021-1232 was published Nov 18, 2024

In SAP NetWeaver Java (Software Update Manager 1.1), under certain conditions when a software... Moderate Unreviewed

CVE-2024-47588 was published Nov 12, 2024

An issue in the luci-mod-rpc package in OpenWRT Luci LTS allows for privilege escalation from an... High Unreviewed

CVE-2024-51240 was published Nov 5, 2024

Insufficiently protected credentials in SMTP server settings in 1C-Bitrix Bitrix24 23.300.100... Moderate Unreviewed

CVE-2024-34885 was published Nov 4, 2024

Insufficiently protected credentials in DAV server settings in 1C-Bitrix Bitrix24 23.300.100... Moderate Unreviewed

CVE-2024-34883 was published Nov 4, 2024

Insufficiently protected credentials in AD/LDAP server settings in 1C-Bitrix Bitrix24 23.300.100... Moderate Unreviewed

CVE-2024-34887 was published Nov 4, 2024

Insufficiently protected credentials in SMTP server settings in 1C-Bitrix Bitrix24 23.300.100... Moderate Unreviewed

CVE-2024-34882 was published Nov 4, 2024

IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 transmits or stores authentication... Moderate Unreviewed

CVE-2023-50310 was published Oct 23, 2024

Kieback & Peter's DDC4000 series has an insufficiently protected credentials vulnerability, which... High Unreviewed

CVE-2024-43812 was published Oct 23, 2024

The insufficiently protected credentials vulnerability in the CLI command of the USG FLEX H... Moderate Unreviewed

CVE-2024-9677 was published Oct 22, 2024

Insufficiently Protected Credentials vulnerability in LiteSpeed Technologies LiteSpeed Cache... Critical Unreviewed

CVE-2024-44000 was published Oct 20, 2024

The EWON FLEXY 202 transmits credentials using a weak encoding method base64. An attacker who is... High Unreviewed

CVE-2024-7755 was published Oct 17, 2024

Previous 1 2 3 4 5 … 33 34 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

836 advisories