GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 28,808
Composer 5,566
Erlang 49
GitHub Actions 49
Go 3,479
Maven 6,393
npm 5,718
NuGet 886
pip 4,740
Pub 13
RubyGems 1,031
Rust 1,225
Swift 53

Unreviewed advisories

All unreviewed 297,402

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,287 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Oxford Nanopore Technologies' MinKNOW software at or prior to version 24.11 stores authentication... High Unreviewed

CVE-2025-54808 was published Oct 23, 2025

This vulnerability allows an attacker to access parts of the application that are not protected... Moderate Unreviewed

CVE-2025-12461 was published Oct 29, 2025

Radiometrics VizAir is vulnerable to exposure of the system's REST API key through a publicly... Critical Unreviewed

CVE-2025-54863 was published Nov 4, 2025

The Ubia camera ecosystem fails to adequately secure API credentials, potentially enabling an... High Unreviewed

CVE-2025-12636 was published Nov 7, 2025

In JetBrains YouTrack before 2025.3.104432 misconfiguration in the Junie could lead to exposure... Critical Unreviewed

CVE-2025-64689 was published Nov 10, 2025

Due to information disclosure vulnerability in anonymous API provided by SAP Business One (SLD),... Moderate Unreviewed

CVE-2025-42897 was published Nov 11, 2025

A 3rd-party component exposed its password in process arguments, allowing for low-privileged... Moderate Unreviewed

CVE-2025-6571 was published Nov 11, 2025

IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 stores NIM private keys used in NIM environments... Critical Unreviewed

CVE-2025-36096 was published Nov 14, 2025

A security vulnerability has been detected in Intelbras ICIP 2.0.20. Affected is an unknown... Moderate Unreviewed

CVE-2025-13187 was published Nov 15, 2025

EasyFlow GP developed by Digiwin has an Insufficiently Protected Credentials vulnerability,... Moderate Unreviewed

CVE-2025-13164 was published Nov 17, 2025

EasyFlow GP developed by Digiwin has an Insufficiently Protected Credentials vulnerability,... Moderate Unreviewed

CVE-2025-13163 was published Nov 17, 2025

Exposure of credentials in unintended requests in Devolutions Server.This issue affects Server:... Low Unreviewed

CVE-2025-13758 was published Nov 27, 2025

Waveshare RS232/485 TO WIFI ETH (B) Serial to Ethernet/Wi-Fi Gateway Firmware V3.1.1.0: HW 4.3.2... Moderate Unreviewed

CVE-2025-63361 was published Dec 4, 2025

ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Insufficiently... Moderate Unreviewed

CVE-2025-64898 was published Dec 10, 2025

QiHang Media Web Digital Signage 3.0.9 contains a cleartext credentials vulnerability that allows... High Unreviewed

CVE-2020-36896 was published Dec 10, 2025

Insufficiently Protected Credentials vulnerability in Apache Fineract. This issue affects Apache... Critical Unreviewed

CVE-2025-58130 was published Dec 12, 2025

IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.3 could allow an authenticated user with LLM... Moderate Unreviewed

CVE-2025-14148 was published Dec 15, 2025

Ksenia Security Lares 4.0 Home Automation version 1.6 contains an unprotected endpoint... High Unreviewed

CVE-2025-15113 was published Dec 31, 2025

ZBL EPON ONU Broadband Router V100R001 contains a privilege escalation vulnerability that allows... High Unreviewed

CVE-2021-47741 was published Dec 31, 2025

NuCom 11N Wireless Router 5.07.90 contains a privilege escalation vulnerability that allows non... High Unreviewed

CVE-2021-47726 was published Dec 31, 2025

Insufficiently Protected Credentials vulnerability in Nuvation Energy Multi-Stack Controller (MSC... High Unreviewed

CVE-2025-64122 was published Jan 3, 2026

In HCL DevOps Deploy 8.1.2.0 through 8.1.2.3, a user with LLM configuration privileges may be... Moderate Unreviewed

CVE-2025-62327 was published Jan 7, 2026

Insufficiently Protected Credentials vulnerability in Broadcom DX NetOps Spectrum on Windows,... Low Unreviewed

CVE-2025-69271 was published Jan 12, 2026

The vulnerability exists in BLUVOYIX due to an improper password storage implementation and... Critical Unreviewed

CVE-2026-22240 was published Jan 14, 2026

Insufficiently protected credentials in some Intel(R) Server Product OpenBMC firmware before... Moderate Unreviewed

CVE-2023-32280 was published Jan 14, 2026

Previous 1…49…52 Next

Previous 1 2 … 47 48 49 50 51 52 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,287 advisories