Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,820
Erlang
36
GitHub Actions
32
Go
2,412
Maven
5,000+
npm
4,050
NuGet
723
pip
3,844
Pub
12
RubyGems
933
Rust
1,004
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

161 advisories

Loading
Insufficiently protected credentials for Intel(R) AMT and Intel(R) Standard Manageability may... Critical Unreviewed
CVE-2022-30601 was published Aug 19, 2022
An issue in the /index/user/user_edit.html component of YJCMS v1.0.9 allows unauthenticated... Critical Unreviewed
CVE-2022-45276 was published Nov 23, 2022
D-Link DIR-130 firmware version 1.23 and DIR-330 firmware version 1.12 do not sufficiently... Critical Unreviewed
CVE-2017-3192 was published May 13, 2022
A vulnerability in the AutoVNF tool for the Cisco Ultra Services Framework could allow an... Critical Unreviewed
CVE-2017-6709 was published May 13, 2022
Cleartext password storage exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices... Critical Unreviewed
CVE-2017-8837 was published May 13, 2022
A Plaintext Storage of a Password issue was discovered in Moxa OnCell G3110-HSPA Version 1.3... Critical Unreviewed
CVE-2017-7913 was published May 13, 2022
A Password in Configuration File issue was discovered in Dahua DH-IPC-HDBW23A0RN-ZS, DH-IPC... Critical Unreviewed
CVE-2017-7925 was published May 13, 2022
An attacker can decrypt the Ovarro TBox login password by communication capture and brute force... Critical Unreviewed
CVE-2021-22640 was published Jul 29, 2022
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.913 Application 20.0.2253... Critical Unreviewed
CVE-2025-27648 was published Mar 5, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.862 Application 20.0.2014... Critical Unreviewed
CVE-2025-27650 was published Mar 5, 2025
Insufficiently Protected Credentials vulnerability in SicommNet BASEC on SaaS allows Password... Critical Unreviewed
CVE-2025-22372 was published Apr 14, 2025
An access control issue in Revenue Collection System v1.0 allows unauthenticated attackers to... Critical Unreviewed
CVE-2022-46967 was published Jan 27, 2023
COMFAST (Shenzhen Sihai Zhonglian Network Technology Co., Ltd) CF-WR623N Router firmware V2.3.0.1... Critical Unreviewed
CVE-2022-47697 was published Jan 31, 2023
An issue in the storage of NFC card data in Dorset DG 201 Digital Lock H5_433WBSK_v2.2_220605... Critical Unreviewed
CVE-2025-25650 was published Mar 17, 2025
Insufficiently Protected Credentials vulnerability in OpenText Identity Manager Advanced Edition... Critical Unreviewed
CVE-2024-12799 was published Mar 5, 2025
Vue Vben Admin 2.10.1 allows unauthorized login to the backend due to an issue with hardcoded... Critical Unreviewed
CVE-2025-25570 was published Feb 28, 2025
The standard user uses the run as function to start the MEAC applications with administrative... Critical Unreviewed
CVE-2025-0867 was published Feb 14, 2025
Insufficiently protected credentials (CWE-522) for third party DVR integrations to the Command... Critical Unreviewed
CVE-2024-21815 was published Mar 5, 2024
Kaseya VSA before 9.5.7 allows credential disclosure, as exploited in the wild in July 2021. Critical Unreviewed
CVE-2021-30116 was published May 24, 2022
Password Vulnerability in Safety production process management system v1.0 allows a remote... Critical Unreviewed
CVE-2024-57395 was published Jan 30, 2025
An encryption vulnerability exists in all versions prior to V15.00.001 of Rockwell Automation... Critical Unreviewed
CVE-2025-0477 was published Jan 30, 2025
Missing Authentication for Critical Function vulnerability in OpenText™ AccuRev for LDAP... Critical Unreviewed
CVE-2019-17082 was published Nov 26, 2024
Pentaminds CuroVMS v2.0.1 was discovered to contain exposed credentials. Critical Unreviewed
CVE-2024-40583 was published Dec 9, 2024
STMicroelectronics SPC58 is vulnerable to Missing Protection Mechanism for Alternate Hardware... Critical Unreviewed
CVE-2023-48010 was published Dec 5, 2024
Username Enumeration vulnerabilities allow access to application level username add, delete,... Critical Unreviewed
CVE-2024-51545 was published Dec 5, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database