Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,096
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,654
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+

184 advisories

Loading
Cleartext transmission of sensitive information in the management console of Ivanti Workspace... High Unreviewed
CVE-2024-44105 was published Sep 10, 2024
This vulnerability exists in Airveda Air Quality Monitor PM2.5 PM10 due to transmission of... High Unreviewed
CVE-2024-7408 was published Aug 12, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to transmission of password... High Unreviewed
CVE-2024-41687 was published Jul 26, 2024
The notification emails sent by Soar Cloud HR Portal contain a link with a embedded session.... High Unreviewed
CVE-2024-5996 was published Jun 14, 2024
Multiple LDAP injections vulnerabilities exist in SecurEnvoy MFA before 9.4.514 due to improper... High Unreviewed
CVE-2024-37393 was published Jun 10, 2024
An issue in the YAML Python library of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary... High Unreviewed
CVE-2024-35060 was published May 21, 2024
NASA AIT-Core vulnerable to remote code execution High
CVE-2024-35057 was published for ait-core (pip) May 21, 2024
NASA AIT-Core vulnerable to remote code execution High
CVE-2024-35058 was published for ait-core (pip) May 21, 2024
An unauthenticated remote attacker... High Unreviewed
CVE-2024-28134 was published May 14, 2024
In Brocade SANnav, before Brocade SANnav v2.3.0, syslog traffic received clear text. This could... High Unreviewed
CVE-2024-4161 was published Apr 25, 2024
dectalk-tts Uses Unencrypted HTTP Request High
CVE-2024-31206 was published for dectalk-tts (npm) Apr 4, 2024
AverageHelper JstnMcBrd
Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains a cleartext transmission of... High Unreviewed
CVE-2024-25960 was published Mar 28, 2024
The affected product is vulnerable to a cleartext transmission of sensitive information... High Unreviewed
CVE-2024-0860 was published Mar 14, 2024
An unauthenticated remote attacker can influence the communication due to the lack of encryption... High Unreviewed
CVE-2024-26288 was published Mar 12, 2024
Windows Printing Service Spoofing Vulnerability High Unreviewed
CVE-2024-21406 was published Feb 13, 2024
IBM Security Verify Access 10.0.0.0 through 10.0.6.1 uses insecure protocols in some instances... High Unreviewed
CVE-2023-32328 was published Feb 7, 2024
An issue discovereed in EBYTE E880-IR01-V1.1 allows an attacker to obtain sensitive information... High Unreviewed
CVE-2023-50614 was published Jan 19, 2024
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to transmission of... High Unreviewed
CVE-2023-51741 was published Jan 17, 2024
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to transmission of... High Unreviewed
CVE-2023-51740 was published Jan 17, 2024
Microsoft.Data.SqlClient and System.Data.SqlClient vulnerable to SQL Data Provider Security Feature Bypass High
CVE-2024-0056 was published for Microsoft.Data.SqlClient (NuGet) Jan 9, 2024
cheenamalhotra
An issue was discovered in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718),... High Unreviewed
CVE-2023-31300 was published Dec 29, 2023
An issue was discovered in Stormshield Network Security (SNS) before 4.3.17, 4.4.x through 4.6.x... High Unreviewed
CVE-2023-28616 was published Dec 26, 2023
LOYTEC electronics GmbH LINX Configurator 7.4.10 uses HTTP Basic Authentication, which transmits... High Unreviewed
CVE-2023-46383 was published Dec 1, 2023
LOYTEC electronics GmbH LINX Configurator 7.4.10 is vulnerable to Insecure Permissions. An admin... High Unreviewed
CVE-2023-46385 was published Dec 1, 2023
LOYTEC LINX-212 firmware 6.2.4 and LVIS-3ME12-A1 firmware 6.2.2 and LIOB-586 firmware 6.2.3... High Unreviewed
CVE-2023-46380 was published Nov 5, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database