GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
823 advisories
Filter by severity
Insufficiently protected credentials issue exists in AIPHONE IX SYSTEM and IXG SYSTEM. A network...
Moderate
Unreviewed
CVE-2024-39290
was published
Nov 22, 2024
AIPHONE IXG SYSTEM IXG-2C7 firmware Ver.2.03 and earlier and IXG-2C7-L firmware Ver.2.03 and...
Moderate
Unreviewed
CVE-2024-47142
was published
Nov 22, 2024
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could...
Moderate
Unreviewed
CVE-2021-1232
was published
Nov 18, 2024
In SAP NetWeaver Java (Software Update Manager 1.1), under certain conditions when a software...
Moderate
Unreviewed
CVE-2024-47588
was published
Nov 12, 2024
An issue in the luci-mod-rpc package in OpenWRT Luci LTS allows for privilege escalation from an...
High
Unreviewed
CVE-2024-51240
was published
Nov 5, 2024
Insufficiently protected credentials in SMTP server settings in 1C-Bitrix Bitrix24 23.300.100...
Moderate
Unreviewed
CVE-2024-34885
was published
Nov 4, 2024
Insufficiently protected credentials in DAV server settings in 1C-Bitrix Bitrix24 23.300.100...
Moderate
Unreviewed
CVE-2024-34883
was published
Nov 4, 2024
Insufficiently protected credentials in AD/LDAP server settings in 1C-Bitrix Bitrix24 23.300.100...
Moderate
Unreviewed
CVE-2024-34887
was published
Nov 4, 2024
Insufficiently protected credentials in SMTP server settings in 1C-Bitrix Bitrix24 23.300.100...
Moderate
Unreviewed
CVE-2024-34882
was published
Nov 4, 2024
IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 transmits or stores authentication...
Moderate
Unreviewed
CVE-2023-50310
was published
Oct 23, 2024
Kieback & Peter's DDC4000 series has an insufficiently protected credentials vulnerability, which...
High
Unreviewed
CVE-2024-43812
was published
Oct 23, 2024
The insufficiently protected credentials vulnerability in the CLI command of the USG FLEX H...
Moderate
Unreviewed
CVE-2024-9677
was published
Oct 22, 2024
Insufficiently Protected Credentials vulnerability in LiteSpeed Technologies LiteSpeed Cache...
Critical
Unreviewed
CVE-2024-44000
was published
Oct 20, 2024
The EWON FLEXY 202 transmits credentials using a weak encoding method base64. An attacker who is...
High
Unreviewed
CVE-2024-7755
was published
Oct 17, 2024
The affected product is vulnerable due to insufficiently protected credentials, which may allow...
High
Unreviewed
CVE-2024-49396
was published
Oct 17, 2024
A vulnerability in the web-based management interface of Cisco ATA 190 Series Multiplatform...
Moderate
Unreviewed
CVE-2024-20462
was published
Oct 16, 2024
In JetBrains TeamCity before 2024.07.3 password could be exposed via Sonar runner REST API
Moderate
Unreviewed
CVE-2024-47161
was published
Oct 8, 2024
Advantech ADAM-5550 share user credentials with a low level of encryption, consisting of base 64...
Moderate
Unreviewed
CVE-2024-37187
was published
Sep 27, 2024
Advantech ADAM-5630 shares user credentials plain text between the device and the user source...
Moderate
Unreviewed
CVE-2024-34542
was published
Sep 27, 2024
IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and...
Moderate
Unreviewed
CVE-2024-40703
was published
Sep 22, 2024
In JetBrains YouTrack before 2024.3.44799 token could be revealed on Imports page
Moderate
Unreviewed
CVE-2024-47162
was published
Sep 19, 2024
OMFLOW from The SYSCOM Group has an information leakage vulnerability, allowing unauthorized...
High
Unreviewed
CVE-2024-8777
was published
Sep 16, 2024
The Eaton Foreseer software provides the feasibility for the user to configure external servers...
Moderate
Unreviewed
CVE-2024-31415
was published
Sep 13, 2024
Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.1.0.0 and 9.3.0.8,...
High
Unreviewed
CVE-2024-28981
was published
Sep 12, 2024
A vulnerability in the storage method of the PON Controller configuration file could allow an...
High
Unreviewed
CVE-2024-20489
was published
Sep 11, 2024
ProTip!
Advisories are also available from the
GraphQL API