Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,963
Erlang
39
GitHub Actions
38
Go
2,615
Maven
5,000+
npm
4,255
NuGet
760
pip
4,036
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+

653 advisories

Loading
Nagios Log Server versions prior to 2024R2.0.2 contain a vulnerability in the AD/LDAP user import... Moderate Unreviewed
CVE-2025-34270 was published Oct 31, 2025
Liferay Portal Stores Password Reset Tokens in Plain Text Moderate
CVE-2025-62261 was published for com.liferay.portal:com.liferay.portal.impl (Maven) Oct 28, 2025
Cleartext Storage of Sensitive Information (CWE-312) in the Gallagher Morpho integration could... Moderate Unreviewed
CVE-2025-48428 was published Oct 23, 2025
Cleartext storage of sensitive information in Windows Kernel allows an unauthorized attacker to... Moderate Unreviewed
CVE-2025-55334 was published Oct 14, 2025
Cleartext storage of sensitive information in Smart Switch prior to version 3.7.67.2 allows local... Moderate Unreviewed
CVE-2025-21060 was published Oct 10, 2025
Cleartext storage of sensitive information in Smart Switch prior to version 3.7.67.2 allows local... High Unreviewed
CVE-2025-21061 was published Oct 10, 2025
The YoSmart YoLink Smart Hub firmware 0382 is unencrypted, and data extracted from it can be used... Moderate Unreviewed
CVE-2025-59450 was published Oct 6, 2025
Flock Safety Falcon and Sparrow License Plate Readers OPM1.171019.026 ship with development Wi-Fi... High Unreviewed
CVE-2025-59409 was published Oct 2, 2025
NVIDIA Delegated Licensing Service for all appliance platforms contains a vulnerability where an... Low Unreviewed
CVE-2025-23291 was published Sep 30, 2025
Cleartext storage of sensitive information was discovered in Click Programming Software version... Moderate Unreviewed
CVE-2025-54855 was published Sep 24, 2025
Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA and SaaS... Critical Unreviewed
CVE-2025-34206 was published Sep 19, 2025
Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA and SaaS... High Unreviewed
CVE-2025-34200 was published Sep 19, 2025
Cleartext storage of sensitive information in Microsoft PC Manager allows an unauthorized... Moderate Unreviewed
CVE-2025-49728 was published Sep 16, 2025
Obsidian GitHub Copilot Plugin versions prior to 1.1.7 store Github API token in cleartext form.... Moderate Unreviewed
CVE-2025-58401 was published Sep 5, 2025
Local Deep Research's API keys are stored in plain text Moderate
CVE-2025-57806 was published for local-deep-research (pip) Sep 2, 2025
i-d-lytvynenko
Credited to i-d-lytvynenko
Rancher Fleet Helm Values are stored inside BundleDeployment in plain text High
CVE-2024-52284 was published for github.com/rancher/fleet (Go) Aug 29, 2025
Telpo MDM 1.4.6 thru 1.4.9 for Android contains sensitive administrator credentials and MQTT... Critical Unreviewed
CVE-2025-55443 was published Aug 26, 2025
A sensitive information disclosure vulnerability in Palo Alto Networks Checkov by Prisma® Cloud... Moderate Unreviewed
CVE-2025-2181 was published Aug 13, 2025
A problem with the implementation of the MACsec protocol in Palo Alto Networks PAN-OS® results in... Moderate Unreviewed
CVE-2025-2182 was published Aug 13, 2025
This vulnerability exists in ZKTeco WL20 due to storage of admin and user credentials without... High Unreviewed
CVE-2025-54464 was published Aug 13, 2025
This vulnerability exists in ZKTeco WL20 due to storage of Wi-Fi credentials, configuration data... Moderate Unreviewed
CVE-2025-55280 was published Aug 13, 2025
A vulnerability has been identified in POWER METER SICAM Q100 (7KG9501-0AA01-0AA1) (All versions ... Moderate Unreviewed
CVE-2025-40753 was published Aug 12, 2025
A vulnerability has been identified in POWER METER SICAM Q100 (7KG9501-0AA01-0AA1) (All versions ... Moderate Unreviewed
CVE-2025-40752 was published Aug 12, 2025
Insecure Data Storage of credentials has been found in /api_vedo/configuration/config.yml file in... High Unreviewed
CVE-2025-51055 was published Aug 6, 2025
A vulnerability classified as problematic has been found in Exrick xboot up to 3.3.4. Affected is... Moderate Unreviewed
CVE-2025-8528 was published Aug 5, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database