Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,386
Erlang
33
GitHub Actions
22
Go
2,141
Maven
5,000+
npm
3,803
NuGet
687
pip
3,480
Pub
12
RubyGems
897
Rust
898
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

277 advisories

Loading
CalInvocationHandler in Brocade SANnav before 2.3.1b logs sensitive information in clear text.... Moderate Unreviewed
CVE-2024-10404 was published Feb 14, 2025
Cleartext storage of information in Ivanti Connect Secure before version 22.7R2.6 and Ivanti... Moderate Unreviewed
CVE-2024-13843 was published Feb 11, 2025
A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions), SIPROTEC 5 6MD85 ... Moderate Unreviewed
CVE-2024-53651 was published Feb 11, 2025
Sensitive data could be exposed to non- privileged users in a configuration file. Local access... Moderate Unreviewed
CVE-2024-45718 was published Feb 11, 2025
IBM ApplinX 11.1 stores sensitive information in cleartext in memory that could be obtained by an... Moderate Unreviewed
CVE-2024-49800 was published Feb 6, 2025
Cleartext storage of sensitive information in the Zoom Jenkins Marketplace plugin before version... Moderate Unreviewed
CVE-2025-0142 was published Jan 30, 2025
Clear text secrets returned & Remote system secrets in clear text Moderate Unreviewed
CVE-2024-55928 was published Jan 23, 2025
ECOVACS robot lawnmowers store the anti-theft PIN in cleartext on the device filesystem. An... Moderate Unreviewed
CVE-2024-12079 was published Jan 23, 2025
A Cleartext Storage of Sensitive Information vulnerability [CWE-312] in FortiClientWindows 7.4.0... Moderate Unreviewed
CVE-2024-50570 was published Dec 18, 2024
IBM OpenPages with Watson 9.0 may write sensitive information, under specific configurations, in... Moderate Unreviewed
CVE-2024-35117 was published Dec 11, 2024
Oxide before 6 has unencrypted Control Plane datastores. Moderate Unreviewed
CVE-2024-55582 was published Dec 9, 2024
This vulnerability exists in the TP-Link Archer C50 due to presence of terminal access on a... Moderate Unreviewed
CVE-2024-54127 was published Dec 5, 2024
This vulnerability exists in the Tinxy mobile app due to storage of logged-in user information in... Moderate Unreviewed
CVE-2024-12094 was published Dec 5, 2024
User passwords are decrypted and stored on memory before any user logged in. Those decrypted... Moderate Unreviewed
CVE-2024-29146 was published Nov 26, 2024
Using remote content in OpenPGP encrypted messages can lead to the disclosure of plaintext. This... Moderate Unreviewed
CVE-2024-11159 was published Nov 13, 2024
An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. When a backup file is created... Moderate Unreviewed
CVE-2020-11918 was published Nov 7, 2024
Insufficiently protected credentials in DAV server settings in 1C-Bitrix Bitrix24 23.300.100... Moderate Unreviewed
CVE-2024-34891 was published Nov 4, 2024
This vulnerability exists in TP-Link IoT Smart Hub due to storage of Wi-Fi credentials in plain... Moderate Unreviewed
CVE-2024-10523 was published Nov 4, 2024
mintplex-labs/anything-llm version latest contains a vulnerability where sensitive information,... Moderate Unreviewed
CVE-2024-7783 was published Oct 29, 2024
The conformance validation endpoint is public so everybody can verify the conformance of... Moderate Unreviewed
CVE-2024-9802 was published Oct 10, 2024
A vulnerability in the Cisco Nexus Dashboard Fabric Controller (NDFC) software, formerly Cisco... Moderate Unreviewed
CVE-2024-20448 was published Oct 2, 2024
Cleartext storage of passwords in Infinera TNMS (Transcend Network Management System) Server 19... Moderate Unreviewed
CVE-2024-25658 was published Oct 1, 2024
An issue was discovered in Infinera hiT 7300 5.60.50. Cleartext storage of sensitive information... Moderate Unreviewed
CVE-2024-28807 was published Sep 30, 2024
An issue was discovered in Infinera hiT 7300 5.60.50. Sensitive information inside diagnostic... Moderate Unreviewed
CVE-2024-28810 was published Sep 30, 2024
A flaw was found in oVirt. A user with administrator privileges, including users with the... Moderate Unreviewed
CVE-2024-7259 was published Sep 26, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database