GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
140 advisories
Filter by severity
IBM Storage Defender - Resiliency Service 2.0 could allow a privileged user to perform...
High
Unreviewed
CVE-2023-50957
was published
Feb 10, 2024
LOYTEC electronics GmbH LINX-212 firmware 6.2.4 and LINX-151 firmware 7.2.4 are vulnerable to...
High
Unreviewed
CVE-2023-46386
was published
Dec 1, 2023
LOYTEC electronics GmbH LINX-212 6.2.4 and LINX-151 7.2.4 are vulnerable to Insecure Permissions...
High
Unreviewed
CVE-2023-46388
was published
Dec 1, 2023
LOYTEC electronics GmbH LINX Configurator 7.4.10 is vulnerable to Insecure Permissions. Cleartext...
High
Unreviewed
CVE-2023-46384
was published
Dec 1, 2023
Kastle Systems firmware prior to May 1, 2024, stored machine credentials in cleartext, which may...
High
Unreviewed
CVE-2024-45862
was published
Sep 19, 2024
Cleartext Storage of Sensitive Information vulnerability in NAC Telecommunication Systems Inc....
High
Unreviewed
CVE-2024-6921
was published
Sep 2, 2024
Cleartext storage of sensitive information vulnerability exists in WindLDR and WindO/I-NV4. If...
High
Unreviewed
CVE-2024-41716
was published
Sep 4, 2024
An issue was found on the Ruijie EG-2000 series gateway. An attacker can easily dump cleartext...
High
Unreviewed
CVE-2019-16638
was published
Jul 16, 2024
SQL injection vulnerability in Jfinalcms v.5.0.0 allows a remote attacker to obtain sensitive...
High
Unreviewed
CVE-2024-24375
was published
Mar 7, 2024
A vulnerability identified in storing and reusing information in Advance Authentication. This...
High
Unreviewed
CVE-2021-22509
was published
Aug 28, 2024
An issue was discovered in Newland Nquire 1000 Interactive Kiosk version NQ1000-II_G_V1.00.011,...
High
Unreviewed
CVE-2023-49341
was published
Mar 9, 2024
Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 was discovered to store credentials in plaintext.
High
Unreviewed
CVE-2024-36790
was published
Jun 7, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to storing of default...
High
Unreviewed
CVE-2024-41690
was published
Jul 26, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due lack of encryption in storing...
High
Unreviewed
CVE-2024-41688
was published
Jul 26, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to storing of FTP credentials...
High
Unreviewed
CVE-2024-41691
was published
Jul 26, 2024
An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before....
High
Unreviewed
CVE-2024-22084
was published
Mar 20, 2024
A vulnerability has been identified in Omnivise T3000 Application Server (All versions), Omnivise...
High
Unreviewed
CVE-2024-38877
was published
Aug 2, 2024
An issue in axonaut v.3.1.23 and before allows a remote attacker to obtain sensitive information...
High
Unreviewed
CVE-2024-28387
was published
Mar 25, 2024
Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an...
High
Unreviewed
CVE-2020-29583
was published
May 24, 2022
The Kiuwan Local Analyzer (KLA) Java scanning application contains several
hard-coded secrets in...
High
Unreviewed
CVE-2023-49113
was published
Jun 20, 2024
Electrolink transmitters store credentials in clear-text. Use of these credentials could allow...
High
Unreviewed
CVE-2024-3742
was published
Apr 19, 2024
MiR controllers across firmware versions 2.8.1.1 and before do not encrypt or protect in any way...
High
Unreviewed
CVE-2020-10273
was published
May 24, 2022
An issue in ZPE Systems, Inc Nodegrid OS v.5.8.10 thru v.5.8.13 and v.5.10.3 thru v.5.10.5 allows...
High
Unreviewed
CVE-2023-44037
was published
Oct 14, 2023
An issue was discovered in SysPasswordDxe in Insyde InsydeH2O with kernel 5.0 through 5.5. System...
High
Unreviewed
CVE-2023-31041
was published
Aug 14, 2023
Fujitsu Software Infrastructure Manager (ISM) stores sensitive information at the product's...
High
Unreviewed
CVE-2023-39379
was published
Aug 4, 2023
ProTip!
Advisories are also available from the
GraphQL API