GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,438
Composer 4,411
Erlang 33
GitHub Actions 22
Go 2,146
Maven 5,316
npm 3,808
NuGet 687
pip 3,481
Pub 12
RubyGems 897
Rust 899
Swift 38

Unreviewed advisories

All unreviewed 246,165

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

479 advisories

Filter by severity

Sort by

Least recently updated

Lack of encryption in transit for cloud infrastructure facilitating potential for sensitive data... High Unreviewed

CVE-2025-24849 was published Feb 28, 2025

If Brocade Fabric OS before Fabric OS 9.2.0 configuration settings are not set to encrypt SNMP... Moderate Unreviewed

CVE-2024-5462 was published Feb 15, 2025

The Samba AD DC administration tool, when operating against a remote LDAP server, will by default... Moderate Unreviewed

CVE-2023-0922 was published Apr 4, 2023

CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists that could result... High Unreviewed

CVE-2025-1060 was published Feb 13, 2025

In Progress® Telerik® Report Server, versions prior to 2025 Q1 (11.0.25.211) when using the older... High Unreviewed

CVE-2025-0556 was published Feb 12, 2025

Forever KidsWatch Call Me KW-50 R36_YDR_A3PW_GM7S_V1.0_2019_07_15_16.19.24_cob_h suffers from... High Unreviewed

CVE-2024-36558 was published Feb 6, 2025

In Brocade SANnav, before Brocade SANnav v2.3.0, syslog traffic received clear text. This could... High Unreviewed

CVE-2024-4161 was published Apr 25, 2024

IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 transmits sensitive or... Moderate Unreviewed

CVE-2024-43187 was published Feb 4, 2025

The HI-SCAN 6040i Hitrax HX-03-19-I was discovered to transmit user credentials in cleartext over... Moderate Unreviewed

CVE-2024-48121 was published Jan 15, 2025

The myMail app through 14.30 for iOS sends cleartext credentials in a situation where STARTTLS is... High Unreviewed

CVE-2023-32290 was published May 7, 2023

IBM Security Verify Governance 10.0.2 Identity Manager can transmit user credentials in clear... Moderate Unreviewed

CVE-2023-35017 was published Jan 29, 2025

A Credential Exposure Vulnerability exists in the above-mentioned product and version. The... High Unreviewed

CVE-2025-0631 was published Jan 28, 2025

EWON Flexy 202 transmits user credentials in clear text with no encryption when a user is added,... Moderate Unreviewed

CVE-2025-0432 was published Jan 28, 2025

IBM QRadar SIEM 7.5 transmits sensitive or security-critical data in cleartext in a communication... Moderate Unreviewed

CVE-2024-28786 was published Jan 28, 2025

All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0 expose clear text... Moderate Unreviewed

CVE-2024-26155 was published Jan 17, 2025

A privilege escalation vulnerability was discovered that could allow a valid, authenticated LXCA... Moderate Unreviewed

CVE-2024-45102 was published Jan 15, 2025

Cleartext transmission of sensitive information vulnerability in synorelayd in Synology... Moderate Unreviewed

CVE-2021-26565 was published May 24, 2022

Cleartext transmission of sensitive information vulnerability in DDNS in Synology DiskStation... Moderate Unreviewed

CVE-2020-27656 was published May 24, 2022

HCL MyXalytics is affected by a cleartext transmission of sensitive information vulnerability. ... Low Unreviewed

CVE-2024-42181 was published Jan 13, 2025

IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.6.0 could allow a remote attacker to... Moderate Unreviewed

CVE-2021-39090 was published Feb 29, 2024

iXsystems TrueNAS CORE fetch_plugin_packagesites tar Cleartext Transmission of Sensitive... Low Unreviewed

CVE-2024-11946 was published Dec 30, 2024

IBM Cognos Analytics Mobile for Android 1.1.14 uses weaker than expected cryptographic algorithms... Moderate Unreviewed

CVE-2021-39081 was published Dec 19, 2024

IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 could allow a remote... Moderate Unreviewed

CVE-2024-49819 was published Dec 17, 2024

IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 could allow a remote... Low Unreviewed

CVE-2024-49820 was published Dec 17, 2024

In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7 and Splunk Cloud Platform versions... Moderate Unreviewed

CVE-2024-53246 was published Dec 10, 2024

Previous 1 2 3 4 5 … 19 20 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

479 advisories