Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

516 advisories

Loading
Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an... High Unreviewed
CVE-2020-29583 was published May 24, 2022
An issue was discovered in WiZ Colors A60 1.14.0. API credentials are locally logged. Moderate Unreviewed
CVE-2020-11923 was published May 24, 2022
An issue was discovered in WiZ Colors A60 1.14.0. Wi-Fi credentials are stored in cleartext in... Moderate Unreviewed
CVE-2020-11924 was published May 24, 2022
An issue in axonaut v.3.1.23 and before allows a remote attacker to obtain sensitive information... High Unreviewed
CVE-2024-28387 was published Mar 25, 2024
A vulnerability has been identified in Omnivise T3000 Application Server (All versions), Omnivise... High Unreviewed
CVE-2024-38877 was published Aug 2, 2024
A vulnerability has been identified in OPUPI0 AMQP/MQTT (All versions < V5.30). The affected... Moderate Unreviewed
CVE-2024-31486 was published May 14, 2024
An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before.... High Unreviewed
CVE-2024-22084 was published Mar 20, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to storing of default... High Unreviewed
CVE-2024-41690 was published Jul 26, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to storing of FTP credentials... High Unreviewed
CVE-2024-41691 was published Jul 26, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due lack of encryption in storing... High Unreviewed
CVE-2024-41688 was published Jul 26, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to unencrypted storing of WPA... Moderate Unreviewed
CVE-2024-41689 was published Jul 26, 2024
A vulnerability in a password management API in Brocade Fabric OS versions before v9.2.1, v9.2.0b... Moderate Unreviewed
CVE-2024-29954 was published Jun 26, 2024
Grafana information disclosure Moderate
CVE-2020-12458 was published for github.com/grafana/grafana (Go) May 24, 2022
Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 was discovered to store credentials in plaintext. High Unreviewed
CVE-2024-36790 was published Jun 7, 2024
An information exposure vulnerability in Palo Alto Networks PAN-OS software enables a local... Moderate Unreviewed
CVE-2024-5916 was published Aug 14, 2024
Mattermost doesn't redact remote users' original email addresses Moderate
CVE-2024-32939 was published for github.com/mattermost/mattermost/server/v8 (Go) Aug 22, 2024
An issue was discovered in Newland Nquire 1000 Interactive Kiosk version NQ1000-II_G_V1.00.011,... High Unreviewed
CVE-2023-49341 was published Mar 9, 2024
A vulnerability identified in storing and reusing information in Advance Authentication. This... High Unreviewed
CVE-2021-22509 was published Aug 28, 2024
IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0... Moderate Unreviewed
CVE-2024-25024 was published Aug 15, 2024
SQL injection vulnerability in Jfinalcms v.5.0.0 allows a remote attacker to obtain sensitive... High Unreviewed
CVE-2024-24375 was published Mar 7, 2024
Insecure Permissions vulnerability in Cosy+ devices running a firmware 21.x below 21.2s10 or a... Moderate Unreviewed
CVE-2024-33892 was published Aug 2, 2024
An issue was found on the Ruijie EG-2000 series gateway. An attacker can easily dump cleartext... High Unreviewed
CVE-2019-16638 was published Jul 16, 2024
Apache Airflow logs passwords in plaintext Low
CVE-2020-17511 was published for apache-airflow (pip) Dec 17, 2020
A problem with the ActiveMQ integration for both Cortex XSOAR and Cortex XSIAM can result in the... Moderate Unreviewed
CVE-2024-8689 was published Sep 11, 2024
Tina search token leak via lock file in TinaCMS High
CVE-2024-45391 was published for @tinacms/cli (npm) Sep 3, 2024
kldavis4 mattsbennett
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database