Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,740
Maven
5,000+
npm
4,338
NuGet
765
pip
4,112
Pub
12
RubyGems
960
Rust
1,068
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

18 advisories

Loading
MiniDVBLinux 5.4 contains an unauthenticated configuration download vulnerability that allows... High Unreviewed
CVE-2023-53770 was published Dec 9, 2025
Tinycontrol LAN Controller v3 LK3 version 1.58a contains an unauthenticated vulnerability that... Critical Unreviewed
CVE-2023-53739 was published Dec 9, 2025
IBM QRadar SIEM 7.5 through 7.5.0 UP14 stores user credentials in configuration files in source... Moderate Unreviewed
CVE-2025-33119 was published Nov 13, 2025
IBM Sterling B2B Integrator 6.2.0.0 through 6.2.0.5, and 6.2.1.0 and IBM Sterling File Gateway 6... Moderate Unreviewed
CVE-2025-36002 was published Oct 16, 2025
IBM MQ LTS 9.1.0.0 through 9.1.0.29, 9.2.0.0 through 9.2.0.36, 9.3.0.0 through 9.3.0.30 and 9.4.0... Moderate Unreviewed
CVE-2025-36100 was published Sep 7, 2025
EzGED3 3.5.0 stores user passwords using an insecure hashing scheme: md5(md5(password)). This... Moderate Unreviewed
CVE-2025-51540 was published Aug 19, 2025
Standard Windows users can access the configuration file for database access of the BRAIN2... Critical Unreviewed
CVE-2025-6513 was published Jun 23, 2025
IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0... Critical Unreviewed
CVE-2025-25022 was published Jun 3, 2025
An authenticated user can disclose the cleartext password of a configured SMTP server via an HTTP... Moderate Unreviewed
CVE-2025-48046 was published May 29, 2025
IBM Sterling Partner Engagement Manager 6.1.0, 6.2.0, 6.2.2 JWT secret is stored in public Helm... High Unreviewed
CVE-2025-33093 was published May 7, 2025
The Docker image from acme.sh before 40b6db6 is based on a .github/workflows/dockerhub.yml file... High Unreviewed
CVE-2025-32111 was published Apr 4, 2025
IBM Security Verify Bridge Directory Sync 1.0.1 through 1.0.12, IBM Security Verify Gateway for... Moderate Unreviewed
CVE-2024-45673 was published Feb 21, 2025
IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 stores user credentials... Moderate Unreviewed
CVE-2024-49817 was published Dec 17, 2024
Tomcat application credentials are hardcoded in SonicWall GMS and Analytics configuration file.... Critical Unreviewed
CVE-2023-34128 was published Jul 13, 2023
A vulnerability classified as problematic has been found in TOTOLINK N200RE 9.3.5u.6255_B20211224... Low Unreviewed
CVE-2023-2790 was published May 18, 2023
The installation component in Hospira MedNet before 6.1 places cleartext credentials in... Low Unreviewed
CVE-2014-5400 was published May 17, 2022
A Password in Configuration File issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0... High Unreviewed
CVE-2017-7923 was published May 17, 2022
A Password in Configuration File issue was discovered in Dahua DH-IPC-HDBW23A0RN-ZS, DH-IPC... Critical Unreviewed
CVE-2017-7925 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database