GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,333
Composer 4,651
Erlang 34
GitHub Actions 26
Go 2,253
Maven 5,510
npm 3,905
NuGet 702
pip 3,676
Pub 12
RubyGems 915
Rust 943
Swift 38

Unreviewed advisories

All unreviewed 253,011

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

585 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability in the Palo Alto Networks PAN-OS® software enables unlicensed administrators to... Moderate Unreviewed

CVE-2025-0123 was published Apr 11, 2025

This vulnerability exists in TP-Link Tapo H200 V1 IoT Smart Hub due to storage of Wi-Fi... Moderate Unreviewed

CVE-2025-3442 was published Apr 9, 2025

Jenkins Cadence vManager Plugin Stores Verisium Manager vAPI keys Unencrypted Moderate

CVE-2025-31724 was published for org.jenkins-ci.plugins:vmanager-plugin (Maven) Apr 2, 2025

Jenkins monitor-remote-job Plugin Stores Passwords Unencrypted Moderate

CVE-2025-31725 was published for org.ukiuni.monitor-remote-job-plugin:monitor-remote-job (Maven) Apr 2, 2025

Jenkins Stack Hammer Plugin Stores API Keys Unencrypted in Job `config.xml` Files Moderate

CVE-2025-31726 was published for org.jenkins-ci.plugins:stackhammer (Maven) Apr 2, 2025

Jenkins AsakusaSatellite Plugin Stores API Keys Unencrypted in Job `config.xml` Files Moderate

CVE-2025-31727 was published for org.codefirst.jenkins.asakusasatellite:asakusa-satellite-plugin (Maven) Apr 2, 2025

Valmet DNA user passwords in plain text. This practice poses a security risk as attackers who... Moderate Unreviewed

CVE-2025-0418 was published Apr 1, 2025

The lack of encryption in the DuoxMe (formerly Blue) application binary in versions prior to 3.3... Moderate Unreviewed

CVE-2025-2909 was published Mar 28, 2025

An issue in KukuFM Android v1.12.7 (11207) allows attackers to access sensitive cleartext data... High Unreviewed

CVE-2025-25758 was published Mar 20, 2025

This vulnerability exists in the Tinxy smart devices due to storage of credentials in plaintext... Moderate Unreviewed

CVE-2025-2189 was published Mar 11, 2025

Cleartext Storage of Sensitive Information in an Environment Variable, Weak Password Recovery... High Unreviewed

CVE-2024-12604 was published Mar 10, 2025

A vulnerability was found in Thinkware Car Dashcam F800 Pro up to 20250226. It has been rated as... Low Unreviewed

CVE-2025-2120 was published Mar 9, 2025

Jenkins reveals encrypted values of secrets stored in agent configuration to users with Agent/Extended Read permission Moderate

CVE-2025-27623 was published for org.jenkins-ci.main:jenkins-core (Maven) Mar 6, 2025

Jenkins reveals encrypted values of secrets stored in agent configuration to users with Agent/Extended Read permission Moderate

CVE-2025-27622 was published for org.jenkins-ci.main:jenkins-core (Maven) Mar 6, 2025

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.735 Application 20.0.1330... High Unreviewed

CVE-2025-27685 was published Mar 5, 2025

CalInvocationHandler in Brocade SANnav before 2.3.1b logs sensitive information in clear text.... Moderate Unreviewed

CVE-2024-10404 was published Feb 14, 2025

mySCADA myPRO Manager stores credentials in cleartext, which could allow an attacker to obtain... Critical Unreviewed

CVE-2025-22896 was published Feb 14, 2025

Cleartext Storage of Sensitive Information vulnerability in Salesforce Tableau Server can record... High Unreviewed

CVE-2025-26495 was published Feb 11, 2025

Cleartext storage of information in Ivanti Connect Secure before version 22.7R2.6 and Ivanti... Moderate Unreviewed

CVE-2024-13843 was published Feb 11, 2025

A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions), SIPROTEC 5 6MD85 ... Moderate Unreviewed

CVE-2024-53651 was published Feb 11, 2025

Sensitive data could be exposed to non- privileged users in a configuration file. Local access... Moderate Unreviewed

CVE-2024-45718 was published Feb 11, 2025

IBM ApplinX 11.1 stores sensitive information in cleartext in memory that could be obtained by an... Moderate Unreviewed

CVE-2024-49800 was published Feb 6, 2025

Jenkins Zoom Plugin Stores Sensitive Information in Cleartext Moderate

CVE-2025-0142 was published for io.jenkins.plugins:zoom (Maven) Jan 30, 2025

ECOVACS robot lawnmowers store the anti-theft PIN in cleartext on the device filesystem. An... Moderate Unreviewed

CVE-2024-12079 was published Jan 23, 2025

Clear text secrets returned & Remote system secrets in clear text Moderate Unreviewed

CVE-2024-55928 was published Jan 23, 2025

Previous 1 2 3 4 5 … 23 24 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

585 advisories