GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
516 advisories
Filter by severity
Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an...
High
Unreviewed
CVE-2020-29583
was published
May 24, 2022
An issue was discovered in WiZ Colors A60 1.14.0. API credentials are locally logged.
Moderate
Unreviewed
CVE-2020-11923
was published
May 24, 2022
An issue was discovered in WiZ Colors A60 1.14.0. Wi-Fi credentials are stored in cleartext in...
Moderate
Unreviewed
CVE-2020-11924
was published
May 24, 2022
An issue in axonaut v.3.1.23 and before allows a remote attacker to obtain sensitive information...
High
Unreviewed
CVE-2024-28387
was published
Mar 25, 2024
A vulnerability has been identified in Omnivise T3000 Application Server (All versions), Omnivise...
High
Unreviewed
CVE-2024-38877
was published
Aug 2, 2024
A vulnerability has been identified in OPUPI0 AMQP/MQTT (All versions < V5.30). The affected...
Moderate
Unreviewed
CVE-2024-31486
was published
May 14, 2024
An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before....
High
Unreviewed
CVE-2024-22084
was published
Mar 20, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to storing of default...
High
Unreviewed
CVE-2024-41690
was published
Jul 26, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to storing of FTP credentials...
High
Unreviewed
CVE-2024-41691
was published
Jul 26, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due lack of encryption in storing...
High
Unreviewed
CVE-2024-41688
was published
Jul 26, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to unencrypted storing of WPA...
Moderate
Unreviewed
CVE-2024-41689
was published
Jul 26, 2024
A vulnerability in a password management API in Brocade Fabric OS versions before v9.2.1, v9.2.0b...
Moderate
Unreviewed
CVE-2024-29954
was published
Jun 26, 2024
Grafana information disclosure
Moderate
CVE-2020-12458
was published
for
github.com/grafana/grafana
(Go)
May 24, 2022
Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 was discovered to store credentials in plaintext.
High
Unreviewed
CVE-2024-36790
was published
Jun 7, 2024
An information exposure vulnerability in Palo Alto Networks PAN-OS software enables a local...
Moderate
Unreviewed
CVE-2024-5916
was published
Aug 14, 2024
Mattermost doesn't redact remote users' original email addresses
Moderate
CVE-2024-32939
was published
for
github.com/mattermost/mattermost/server/v8
(Go)
Aug 22, 2024
An issue was discovered in Newland Nquire 1000 Interactive Kiosk version NQ1000-II_G_V1.00.011,...
High
Unreviewed
CVE-2023-49341
was published
Mar 9, 2024
A vulnerability identified in storing and reusing information in Advance Authentication. This...
High
Unreviewed
CVE-2021-22509
was published
Aug 28, 2024
IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0...
Moderate
Unreviewed
CVE-2024-25024
was published
Aug 15, 2024
SQL injection vulnerability in Jfinalcms v.5.0.0 allows a remote attacker to obtain sensitive...
High
Unreviewed
CVE-2024-24375
was published
Mar 7, 2024
Insecure Permissions vulnerability in Cosy+ devices running a firmware 21.x below 21.2s10 or a...
Moderate
Unreviewed
CVE-2024-33892
was published
Aug 2, 2024
An issue was found on the Ruijie EG-2000 series gateway. An attacker can easily dump cleartext...
High
Unreviewed
CVE-2019-16638
was published
Jul 16, 2024
Apache Airflow logs passwords in plaintext
Low
CVE-2020-17511
was published
for
apache-airflow
(pip)
Dec 17, 2020
A problem with the ActiveMQ integration for both Cortex XSOAR and Cortex XSIAM can result in the...
Moderate
Unreviewed
CVE-2024-8689
was published
Sep 11, 2024
Tina search token leak via lock file in TinaCMS
High
CVE-2024-45391
was published
for
@tinacms/cli
(npm)
Sep 3, 2024
ProTip!
Advisories are also available from the
GraphQL API