Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,487
Erlang
33
GitHub Actions
24
Go
2,211
Maven
5,000+
npm
3,868
NuGet
696
pip
3,642
Pub
12
RubyGems
913
Rust
921
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

82 advisories

Loading
IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive... Moderate Unreviewed
CVE-2024-43186 was published Mar 29, 2025
An issue in Solar-Log 1000 before v2.8.2 and build 52-23.04.2013 was discovered to store... High Unreviewed
CVE-2024-40116 was published Jul 26, 2024
Bosscomm IF740 Firmware versions:11001.7078 & v11001.0000 and System versions: 6.25 & 6.00 were... Moderate Unreviewed
CVE-2025-25727 was published Feb 28, 2025
Plaintext storage of a password issue exists in BUFFALO wireless LAN routers, which may allow a... Critical Unreviewed
CVE-2024-23486 was published Apr 15, 2024
IBM Security QRadar 3.12 EDR stores user credentials in plain text which can be read by a local... Moderate Unreviewed
CVE-2024-45638 was published Mar 14, 2025
IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0... Moderate Unreviewed
CVE-2024-25024 was published Aug 15, 2024
IBM Common Licensing 9.0 stores user credentials in plain clear text which can be read by a local... Moderate Unreviewed
CVE-2023-50945 was published Jan 26, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923... Critical Unreviewed
CVE-2025-27662 was published Mar 5, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.862 Application 20.0.2014... Critical Unreviewed
CVE-2025-27656 was published Mar 5, 2025
Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860... High Unreviewed
CVE-2024-41336 was published Feb 27, 2025
A vulnerability exists in the VideONet product included in the listed System 800xA versions,... High Unreviewed
CVE-2024-10334 was published Feb 10, 2025
Dell VxVerify, versions prior to x.40.405, contain a Plain-text Password Storage Vulnerability in... High Unreviewed
CVE-2024-53292 was published Dec 11, 2024
Dell OpenManage Enterprise, versions 4.0.0 and 4.0.1, contains a sensitive information disclosure... Moderate Unreviewed
CVE-2024-28961 was published Apr 29, 2024
Dell Update Manager Plugin, versions 1.4.0 through 1.5.0, contains a Plain-text Password Storage... Low Unreviewed
CVE-2024-28971 was published May 8, 2024
Dell VxRail, versions 7.0.000 through 7.0.532, contain(s) a Plaintext Storage of a Password... High Unreviewed
CVE-2025-21102 was published Jan 8, 2025
Dell VxRail, versions 8.0.000 through 8.0.311, contain(s) a Plaintext Storage of a Password... High Unreviewed
CVE-2025-21111 was published Jan 8, 2025
After gaining access to the firmware of a charging station, a file at <redacted> can be accessed... High Unreviewed
CVE-2024-43659 was published Jan 9, 2025
IBM Cognos Command Center 10.2.4.1 and 10.2.5 could disclose highly sensitive user information to... Moderate Unreviewed
CVE-2024-31899 was published Sep 26, 2024
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 could allow a privileged user to... Moderate Unreviewed
CVE-2023-50956 was published Dec 18, 2024
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9  stores user credentials in... Moderate Unreviewed
CVE-2024-52361 was published Dec 18, 2024
The front-end audit log allows viewing of unprotected plaintext passwords, where the passwords... High Unreviewed
CVE-2024-36460 was published Aug 12, 2024
Certain models of routers from Billion Electric has a Plaintext Storage of a Password... High Unreviewed
CVE-2024-11982 was published Nov 29, 2024
When exporting media types, the password is exported in the YAML in plain text. This appears to... Low Unreviewed
CVE-2024-36464 was published Nov 27, 2024
A vulnerability in the storage of proxy server credentials of Cisco Firepower Management Center ... Moderate Unreviewed
CVE-2021-1126 was published May 24, 2022
User passwords are decrypted and stored on memory before any user logged in. Those decrypted... Moderate Unreviewed
CVE-2024-29978 was published Nov 26, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database