Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,826
Erlang
36
GitHub Actions
32
Go
2,426
Maven
5,000+
npm
4,058
NuGet
723
pip
3,848
Pub
12
RubyGems
934
Rust
1,006
Swift
38
Unreviewed advisories
All unreviewed
5,000+

626 advisories

Loading
Insecure Data Storage of credentials has been found in /api_vedo/configuration/config.yml file in... High Unreviewed
CVE-2025-51055 was published Aug 6, 2025
A vulnerability classified as problematic has been found in Exrick xboot up to 3.3.4. Affected is... Moderate Unreviewed
CVE-2025-8528 was published Aug 5, 2025
A flaw was found in Ansible Automation Platform (AAP) where the Gateway API returns the client... Moderate Unreviewed
CVE-2025-7738 was published Jul 31, 2025
In JetBrains TeamCity before 2025.07 password exposure was possible via command line in the "hg... Moderate Unreviewed
CVE-2025-54538 was published Jul 28, 2025
In JetBrains TeamCity before 2025.07 user credentials were stored in plain text in memory snapshots Moderate Unreviewed
CVE-2025-54537 was published Jul 28, 2025
An issue was discovered on Marbella KR8s Dashcam FF 2.0.8 devices. When a new SD card is inserted... Critical Unreviewed
CVE-2025-30124 was published Jul 28, 2025
Medtronic MyCareLink Patient Monitor uses an unencrypted filesystem on internal storage, which... Moderate Unreviewed
CVE-2025-4394 was published Jul 25, 2025
In the configuration file of racoon in the TRENDnet TEW-WLC100P 2.03b03, the first item of... High Unreviewed
CVE-2025-44649 was published Jul 21, 2025
Unencrypted storage in the database in Two App Studio Journey v5.5.9 for iOS allows local... Moderate Unreviewed
CVE-2025-41458 was published Jul 21, 2025
A vulnerability in the ascgshell, of Brocade ASCG before 3.3.0 stores any command executed in... Moderate Unreviewed
CVE-2025-7397 was published Jul 18, 2025
This vulnerability exists in Digisol DG-GR6821AC Router due to storage of credentials and PINS... Moderate Unreviewed
CVE-2025-53755 was published Jul 16, 2025
This vulnerability exists in Digisol DG-GR6821AC Router due to use of default admin credentials... Moderate Unreviewed
CVE-2025-53758 was published Jul 16, 2025
Jenkins Applitools Eyes Plugin vulnerability exposes unencrypted keys to certain authenticated users Moderate
CVE-2025-53742 was published for org.jenkins-ci.plugins:pplitools-eyes (Maven) Jul 9, 2025
Jenkins Kryptowire Plugin vulnerability stores unencrypted Kryptowire API key Moderate
CVE-2025-53672 was published for io.jenkins.plugins:kryptowire (Maven) Jul 9, 2025
Jenkins Nouvola DiveCloud Plugin vulnerability stores unencrypted credentials Moderate
CVE-2025-53670 was published for org.jenkins-ci.plugins:nouvola-divecloud (Maven) Jul 9, 2025
The hard drives of the device are not encrypted using a full volume encryption feature such as... High Unreviewed
CVE-2025-27460 was published Jul 3, 2025
junit-platform-reporting can leak Git credentials through its OpenTestReportGeneratingListener Moderate
CVE-2025-53103 was published for org.junit.platform:junit-platform-reporting (Maven) Jul 1, 2025
ciscoo marcphilipp
juju/utils leaks private key in certs Moderate
CVE-2025-6224 was published for github.com/juju/utils/v4/cert (Go) Jul 1, 2025
mcsaucy hpidcock
nikosgalanis
The MIB3 unit stores the synchronized phone contact book in clear-text, allowing an attacker with... Moderate Unreviewed
CVE-2023-28912 was published Jun 28, 2025
A vulnerability classified as problematic has been found in Bharti Airtel Thanks App 4.105.4 on... Low Unreviewed
CVE-2025-6748 was published Jun 27, 2025
Flock Safety Gunshot Detection devices before 1.3 have cleartext storage of code. Low Unreviewed
CVE-2025-47820 was published Jun 27, 2025
Flock Safety LPR (License Plate Reader) devices with firmware through 2.2 have cleartext storage... Low Unreviewed
CVE-2025-47824 was published Jun 27, 2025
A local, low-privileged attacker can learn the password of the connected controller in PLC... Moderate Unreviewed
CVE-2025-41647 was published Jun 26, 2025
Successful exploitation of the vulnerability could allow an attacker to intercept data and... Low Unreviewed
CVE-2025-48463 was published Jun 26, 2025
react-native-keys insecurely stores encryption cipher and Base64 chunks High
CVE-2025-45001 was published for react-native-keys (npm) Jun 9, 2025
ThomasWunderlich
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database