Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,780
Erlang
36
GitHub Actions
29
Go
2,344
Maven
5,000+
npm
3,973
NuGet
719
pip
3,770
Pub
12
RubyGems
923
Rust
978
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

906 advisories

Loading
A password is exposed locally. Moderate Unreviewed
CVE-2025-35941 was published Jun 11, 2025
CyberData 011209 Intercom does not properly store or protect web server admin credentials. High Unreviewed
CVE-2025-30183 was published Jun 10, 2025
IBM Controller 11.0.0, 11.0.1, and 11.1.0 application could allow an authenticated user to obtain... Moderate Unreviewed
CVE-2025-33079 was published May 27, 2025
An issue was discovered in Keeper Password Manager for Desktop version 16.10.2, and the... Moderate Unreviewed
CVE-2023-36266 was published Jul 12, 2023
Allegro WIndows 3.3.4152.0, embeds software administrator database credentials into its binary... High Unreviewed
CVE-2021-43978 was published Dec 9, 2021
An authorization issue was discovered in the Credential Manager feature in Zoho ManageEngine... Moderate Unreviewed
CVE-2020-8422 was published May 24, 2022
Ecovacs Home Android and iOS Mobile Applications up to version 3.3.0 contained embedded access... Moderate Unreviewed
CVE-2025-2394 was published May 23, 2025
All versions of the Medtronic 2090 Carelink Programmer are affected by a per-product username and... Moderate Unreviewed
CVE-2018-5446 was published May 13, 2022
A vulnerability was discovered in all versions of Medtronic MyCareLink 24950 and 24952 Patient... High Unreviewed
CVE-2018-10622 was published May 13, 2022
MedDream WEB DICOM Viewer Cleartext Transmission of Credentials Information Disclosure... Moderate Unreviewed
CVE-2025-3480 was published May 22, 2025
A passback vulnerability which relates to production printers and office multifunction printers. Moderate Unreviewed
CVE-2025-3078 was published May 20, 2025
A passback vulnerability which relates to office/small office multifunction printers and laser... Moderate Unreviewed
CVE-2025-3079 was published May 20, 2025
HCL MyXalytics is affected by broken authentication. It allows attackers to compromise keys,... Moderate Unreviewed
CVE-2024-42172 was published Jan 11, 2025
A vulnerability in Synology Active Backup for Microsoft 365 allows remote authenticated attackers... Moderate Unreviewed
CVE-2025-4679 was published May 16, 2025
The Tenda AC1200 Router model W15Ev2 V15.11.0.10(1576) is affected by a password exposure... Moderate Unreviewed
CVE-2022-40845 was published Nov 15, 2022
A vulnerability in Cisco Nexus Dashboard could allow an authenticated, local attacker with valid... Moderate Unreviewed
CVE-2024-20282 was published Apr 3, 2024
Insufficiently protected credentials for Intel(R) AMT and Intel(R) Standard Manageability may... Moderate Unreviewed
CVE-2022-30944 was published Aug 19, 2022
Insufficiently protected credentials for Intel(R) AMT and Intel(R) Standard Manageability may... Critical Unreviewed
CVE-2022-30601 was published Aug 19, 2022
An issue in the /index/user/user_edit.html component of YJCMS v1.0.9 allows unauthenticated... Critical Unreviewed
CVE-2022-45276 was published Nov 23, 2022
BEC Technologies Multiple Routers Insufficiently Protected Credentials Information Disclosure... Moderate Unreviewed
CVE-2025-2772 was published Apr 23, 2025
A credential exposure vulnerability in Electrolink 500W, 1kW, 2kW Medium DAB Transmitter Web v01... High Unreviewed
CVE-2025-28228 was published Apr 21, 2025
D-Link DIR-130 firmware version 1.23 and DIR-330 firmware version 1.12 do not sufficiently... Critical Unreviewed
CVE-2017-3192 was published May 13, 2022
Sera 1.2 stores the user's login password in plain text in their home directory. This makes... High Unreviewed
CVE-2017-15918 was published May 13, 2022
PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to... High Unreviewed
CVE-2017-7547 was published May 13, 2022
An Insufficiently Protected Credentials issue was discovered in Sierra Wireless AirLink Raven XE,... High Unreviewed
CVE-2017-6046 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database