Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,411
Erlang
33
GitHub Actions
22
Go
2,146
Maven
5,000+
npm
3,808
NuGet
687
pip
3,481
Pub
12
RubyGems
897
Rust
899
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

176 advisories

Loading
Lack of encryption in transit for cloud infrastructure facilitating potential for sensitive data... High Unreviewed
CVE-2025-24849 was published Feb 28, 2025
CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists that could result... High Unreviewed
CVE-2025-1060 was published Feb 13, 2025
In Progress® Telerik® Report Server, versions prior to 2025 Q1 (11.0.25.211) when using the older... High Unreviewed
CVE-2025-0556 was published Feb 12, 2025
Forever KidsWatch Call Me KW-50 R36_YDR_A3PW_GM7S_V1.0_2019_07_15_16.19.24_cob_h suffers from... High Unreviewed
CVE-2024-36558 was published Feb 6, 2025
A Credential Exposure Vulnerability exists in the above-mentioned product and version. The... High Unreviewed
CVE-2025-0631 was published Jan 28, 2025
Web browser interface may manipulate application username/password in clear text or Base64... High Unreviewed
CVE-2024-6515 was published Dec 5, 2024
A vulnerability in a weak JWT token in Watcharr v1.43.0 and below allows attackers to perform... High Unreviewed
CVE-2024-50634 was published Nov 8, 2024
An issue in YESCAM (com.yescom.YesCam.zwave) 1.0.2 allows a remote attacker to obtain sensitive... High Unreviewed
CVE-2024-48788 was published Oct 11, 2024
** UNSUPPORTED WHEN ASSIGNED ** This vulnerability exists in D3D Security IP Camera due to usage... High Unreviewed
CVE-2024-47789 was published Oct 4, 2024
The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 discloses... High Unreviewed
CVE-2024-7713 was published Sep 27, 2024
Cleartext transmission of sensitive information in the management console of Ivanti Workspace... High Unreviewed
CVE-2024-44105 was published Sep 10, 2024
This vulnerability exists in Airveda Air Quality Monitor PM2.5 PM10 due to transmission of... High Unreviewed
CVE-2024-7408 was published Aug 12, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to transmission of password... High Unreviewed
CVE-2024-41687 was published Jul 26, 2024
The notification emails sent by Soar Cloud HR Portal contain a link with a embedded session.... High Unreviewed
CVE-2024-5996 was published Jun 14, 2024
Multiple LDAP injections vulnerabilities exist in SecurEnvoy MFA before 9.4.514 due to improper... High Unreviewed
CVE-2024-37393 was published Jun 10, 2024
An issue in the YAML Python library of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary... High Unreviewed
CVE-2024-35060 was published May 21, 2024
An unauthenticated remote attacker... High Unreviewed
CVE-2024-28134 was published May 14, 2024
An issue was discovered on certain Nuki Home Solutions devices. The HTTP API exposed by a Bridge... High Unreviewed
CVE-2022-32510 was published May 14, 2024
In Brocade SANnav, before Brocade SANnav v2.3.0, syslog traffic received clear text. This could... High Unreviewed
CVE-2024-4161 was published Apr 25, 2024
Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains a cleartext transmission of... High Unreviewed
CVE-2024-25960 was published Mar 28, 2024
The affected product is vulnerable to a cleartext transmission of sensitive information... High Unreviewed
CVE-2024-0860 was published Mar 14, 2024
An unauthenticated remote attacker can influence the communication due to the lack of encryption... High Unreviewed
CVE-2024-26288 was published Mar 12, 2024
Windows Printing Service Spoofing Vulnerability High Unreviewed
CVE-2024-21406 was published Feb 13, 2024
IBM Security Verify Access 10.0.0.0 through 10.0.6.1 uses insecure protocols in some instances... High Unreviewed
CVE-2023-32328 was published Feb 7, 2024
An issue discovereed in EBYTE E880-IR01-V1.1 allows an attacker to obtain sensitive information... High Unreviewed
CVE-2023-50614 was published Jan 19, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database