GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,420

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

347 advisories

Filter by severity

Sort by

Least recently updated

Insufficiently protected credentials in SMTP server settings in 1C-Bitrix Bitrix24 23.300.100... Moderate Unreviewed

CVE-2024-34885 was published Nov 4, 2024

Insufficiently protected credentials in AD/LDAP server settings in 1C-Bitrix Bitrix24 23.300.100... Moderate Unreviewed

CVE-2024-34887 was published Nov 4, 2024

Insufficiently protected credentials in DAV server settings in 1C-Bitrix Bitrix24 23.300.100... Moderate Unreviewed

CVE-2024-34883 was published Nov 4, 2024

Insufficiently protected credentials in SMTP server settings in 1C-Bitrix Bitrix24 23.300.100... Moderate Unreviewed

CVE-2024-34882 was published Nov 4, 2024

IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 transmits or stores authentication... Moderate Unreviewed

CVE-2023-50310 was published Oct 23, 2024

The insufficiently protected credentials vulnerability in the CLI command of the USG FLEX H... Moderate Unreviewed

CVE-2024-9677 was published Oct 22, 2024

A vulnerability in the web-based management interface of Cisco ATA 190 Series Multiplatform... Moderate Unreviewed

CVE-2024-20462 was published Oct 16, 2024

In JetBrains TeamCity before 2024.07.3 password could be exposed via Sonar runner REST API Moderate Unreviewed

CVE-2024-47161 was published Oct 8, 2024

Advantech ADAM-5550 share user credentials with a low level of encryption, consisting of base 64... Moderate Unreviewed

CVE-2024-37187 was published Sep 27, 2024

Advantech ADAM-5630 shares user credentials plain text between the device and the user source... Moderate Unreviewed

CVE-2024-34542 was published Sep 27, 2024

IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and... Moderate Unreviewed

CVE-2024-40703 was published Sep 22, 2024

In JetBrains YouTrack before 2024.3.44799 token could be revealed on Imports page Moderate Unreviewed

CVE-2024-47162 was published Sep 19, 2024

The Eaton Foreseer software provides the feasibility for the user to configure external servers... Moderate Unreviewed

CVE-2024-31415 was published Sep 13, 2024

Credentials to access device configuration information stored unencrypted in flash memory. These... Moderate Unreviewed

CVE-2024-39278 was published Sep 6, 2024

IBM InfoSphere Information Server 11.7 could allow a privileged user to obtain sensitive... Moderate Unreviewed

CVE-2024-40704 was published Aug 15, 2024

Authentication Bypass in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical... Moderate Unreviewed

CVE-2024-31800 was published Aug 15, 2024

A vulnerability, which was classified as problematic, has been found in SourceCodester Prison... Moderate Unreviewed

CVE-2024-7813 was published Aug 15, 2024

A “CWE-256: Plaintext Storage of a Password” affecting the administrative account allows an... Moderate Unreviewed

CVE-2024-3082 was published Jul 31, 2024

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 stores user credentials in plain... Moderate Unreviewed

CVE-2024-39733 was published Jul 14, 2024

In JetBrains TeamCity before 2024.03.3 private key could be exposed via testing GitHub App... Moderate Unreviewed

CVE-2024-39878 was published Jul 1, 2024

In JetBrains TeamCity before 2024.03.3 application token could be exposed in EC2 Cloud Profile... Moderate Unreviewed

CVE-2024-39879 was published Jul 1, 2024

In JetBrains YouTrack before 2024.2.34646 user access token was sent to the third-party site Moderate Unreviewed

CVE-2024-38505 was published Jun 18, 2024

IBM Jazz Reporting Service 7.0.3 stores user credentials in plain clear text which can be read by... Moderate Unreviewed

CVE-2024-25052 was published Jun 13, 2024

An issue was discovered in Kape CyberGhostVPN 8.4.3.12823 on Windows. After a successful logout,... Moderate Unreviewed

CVE-2024-26330 was published Jun 11, 2024

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ... Moderate Unreviewed

CVE-2024-35208 was published Jun 11, 2024

Previous 1 2 3 4 5 … 13 14 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

347 advisories