Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,704
Maven
5,000+
npm
4,328
NuGet
761
pip
4,103
Pub
12
RubyGems
958
Rust
1,064
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

398 advisories

Loading
EasyFlow GP developed by Digiwin has an Insufficiently Protected Credentials vulnerability,... Moderate Unreviewed
CVE-2025-13163 was published Nov 17, 2025
EasyFlow GP developed by Digiwin has an Insufficiently Protected Credentials vulnerability,... Moderate Unreviewed
CVE-2025-13164 was published Nov 17, 2025
A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6),... Moderate Unreviewed
CVE-2022-30231 was published Jun 15, 2022
A 3rd-party component exposed its password in process arguments, allowing for low-privileged... Moderate Unreviewed
CVE-2025-6571 was published Nov 11, 2025
Due to information disclosure vulnerability in anonymous API provided by SAP Business One (SLD),... Moderate Unreviewed
CVE-2025-42897 was published Nov 11, 2025
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys... Moderate Unreviewed
CVE-2023-4327 was published Aug 15, 2023
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys... Moderate Unreviewed
CVE-2023-4328 was published Aug 15, 2023
A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions <... Moderate Unreviewed
CVE-2024-53832 was published Dec 10, 2024
This vulnerability allows an attacker to access parts of the application that are not protected... Moderate Unreviewed
CVE-2025-12461 was published Oct 29, 2025
An issue was discovered in EyesOfNetwork 5.3. The installation uses the same API key (hardcoded... Moderate Unreviewed
CVE-2020-8657 was published May 24, 2022
HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a credential leakage which could... Moderate Unreviewed
CVE-2024-42192 was published Oct 16, 2025
In version 0.0.14 of transformeroptimus/superagi, the API endpoint `/api/users/get/{id}` returns... Moderate Unreviewed
CVE-2024-9418 was published Mar 20, 2025
The LDAP 'Bind password' value cannot be read after saving, but a Super Admin account can leak it... Moderate Unreviewed
CVE-2025-27231 was published Oct 3, 2025
Insufficiently Protected Credentials in the Crowdstrike connector can lead to Crowdstrike... Moderate Unreviewed
CVE-2025-37728 was published Oct 7, 2025
Unsafe password recovery from configuration in M-Files Server before 25.1 allows a highly... Moderate Unreviewed
CVE-2025-0619 was published Jan 23, 2025
Ecovacs Home Android and iOS Mobile Applications up to version 3.3.0 contained embedded access... Moderate Unreviewed
CVE-2025-2394 was published May 23, 2025
In Puppet Enterprise versions 2025.4.0 and 2025.5, the encryption key used for encrypting content... Moderate Unreviewed
CVE-2025-10360 was published Sep 24, 2025
Rockwell Automation RSLogix 5000 7 through 20.01, and 21.0, does not properly implement password... Moderate Unreviewed
CVE-2014-0755 was published May 17, 2022
The Eaton Foreseer software provides the feasibility for the user to configure external servers... Moderate Unreviewed
CVE-2024-31415 was published Sep 13, 2024
MedDream WEB DICOM Viewer Cleartext Transmission of Credentials Information Disclosure... Moderate Unreviewed
CVE-2025-3480 was published May 22, 2025
A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V3.3).... Moderate Unreviewed
CVE-2025-40751 was published Aug 12, 2025
Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 has... Moderate Unreviewed
CVE-2025-54394 was published Aug 7, 2025
Access to TSplus Remote Access Admin Tool is restricted to administrators (unless "Disable UAC"... Moderate Unreviewed
CVE-2025-5922 was published Jul 29, 2025
A vulnerability, which was classified as critical, was found in LB-LINK BL-AC3600 up to 1.0.22.... Moderate Unreviewed
CVE-2025-7565 was published Jul 14, 2025
Extraction of Account Connectivity Credentials (ACCs) from the IT Management Agent secure storage Moderate Unreviewed
CVE-2025-24508 was published Jul 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database