Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,354
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,779
NuGet
681
pip
3,460
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

271 advisories

Loading
In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: dcp: fix leak... Moderate Unreviewed
CVE-2024-45004 was published Sep 4, 2024
IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0... Moderate Unreviewed
CVE-2024-25024 was published Aug 15, 2024
An information exposure vulnerability in Palo Alto Networks PAN-OS software enables a local... Moderate Unreviewed
CVE-2024-5916 was published Aug 14, 2024
Insecure Permissions vulnerability in Cosy+ devices running a firmware 21.x below 21.2s10 or a... Moderate Unreviewed
CVE-2024-33892 was published Aug 2, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to unencrypted storing of WPA... Moderate Unreviewed
CVE-2024-41689 was published Jul 26, 2024
Plaintext vulnerability in the Gallery search module. Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2024-39674 was published Jul 25, 2024
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 temporarily stores data from... Moderate Unreviewed
CVE-2024-39732 was published Jul 14, 2024
IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0... Moderate Unreviewed
CVE-2024-25023 was published Jul 10, 2024
Linksys Velop Pro 6E 1.0.8 MX6200_1.0.8.215731 and 7 1.0.10.215314 devices send cleartext Wi-Fi... Moderate Unreviewed
CVE-2024-40750 was published Jul 9, 2024
A vulnerability in a password management API in Brocade Fabric OS versions before v9.2.1, v9.2.0b... Moderate Unreviewed
CVE-2024-29954 was published Jun 26, 2024
An issue in Annonshop.app DecentralizeJustice/anonymousLocker commit 2b2b4 to ba9fd and... Moderate Unreviewed
CVE-2024-36589 was published Jun 13, 2024
An issue was discovered in Italtel Embrace 1.6.4. The web application inserts cleartext passwords... Moderate Unreviewed
CVE-2024-31840 was published May 21, 2024
A vulnerability has been identified in OPUPI0 AMQP/MQTT (All versions < V5.30). The affected... Moderate Unreviewed
CVE-2024-31486 was published May 14, 2024
An flaw was found in the OpenStack Platform (RHOSP) director, a toolset for installing and... Moderate Unreviewed
CVE-2024-4840 was published May 14, 2024
NETGEAR RAX30 Device Configuration Cleartext Storage Information Disclosure Vulnerability. This... Moderate Unreviewed
CVE-2023-27370 was published May 3, 2024
A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints the Brocade SANnav password in... Moderate Unreviewed
CVE-2024-29956 was published Apr 18, 2024
A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a could allow an authenticated user to... Moderate Unreviewed
CVE-2024-29952 was published Apr 18, 2024
An issue in Shenzen Tenda Technology CP3V2.0 V11.10.00.2311090948 allows a local attacker to... Moderate Unreviewed
CVE-2024-24488 was published Feb 7, 2024
IBM Security Access Manager Container 10.0.0.0 through 10.0.6.1 temporarily stores sensitive... Moderate Unreviewed
CVE-2023-31002 was published Feb 7, 2024
The App Settings (/admin/app) page in GROWI versions prior to v6.0.6 stores sensitive information... Moderate Unreviewed
CVE-2023-50294 was published Dec 26, 2023
A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) (All versions < V19). An... Moderate Unreviewed
CVE-2022-46141 was published Dec 12, 2023
A LogoFAIL issue was discovered in BmpDecoderDxe in Insyde InsydeH2O with kernel 5.2 before 05.28... Moderate Unreviewed
CVE-2023-40238 was published Dec 7, 2023
Headwind MDM Web panel 5.22.1 is vulnerable to Incorrect Access Control due to Login Credential... Moderate Unreviewed
CVE-2023-47312 was published Nov 22, 2023
Missing Encryption of Security Keys vulnerability in Silicon Labs Ember ZNet SDK on 32 bit, ARM ... Moderate Unreviewed
CVE-2023-41096 was published Oct 26, 2023
The BIG-IP and BIG-IQ systems do not encrypt some sensitive information written to Database (DB)... Moderate Unreviewed
CVE-2023-41964 was published Oct 10, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database