GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
33 advisories
Improper data protection on the ventilator's serial interface could allow an attacker to send and...
CVE-2024-9834 (Critical, Unreviewed) was published Nov 14, 2024

An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly...
CVE-2024-38891 (Critical, Unreviewed) was published Aug 2, 2024

A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All...
CVE-2024-30209 (Critical, Unreviewed) was published May 14, 2024

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can...
CVE-2024-25735 (Critical, Unreviewed) was published Mar 27, 2024

DELL ESI (Enterprise Storage Integrator) for SAP LAMA, version 10.0, contains an information...
CVE-2023-39245 (Critical, Unreviewed) was published Feb 15, 2024

The affected devices transmit sensitive information unencrypted allowing a remote unauthenticated...
CVE-2023-39172 (Critical, Unreviewed) was published Dec 7, 2023

Privilege Escalation in the "GetUserCurrentPwd" function in Microworld Technologies eScan...
CVE-2023-33730 (Critical, Unreviewed) was published May 31, 2023

A CWE-319: Cleartext transmission of sensitive information vulnerability exists that could cause...
CVE-2022-46680 (Critical, Unreviewed) was published May 22, 2023

Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 does not defend against physical...
CVE-2023-30354 (Critical, Unreviewed) was published May 10, 2023

Communication between the client and the server application of the affected products is partially...
CVE-2022-3929 (Critical, Unreviewed) was published Jan 6, 2023

A vulnerability has been identified in SICAM PAS/PQS (All versions < V7.0). Affected software...
CVE-2022-43724 (Critical, Unreviewed) was published Dec 13, 2022

Cleartext Transmission of Sensitive Information vulnerability due to the use of Basic...
CVE-2022-33321 (Critical, Unreviewed) was published Nov 9, 2022

Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0...
CVE-2022-34371 (Critical, Unreviewed) was published Sep 3, 2022

AutomationDirect DirectLOGIC is vulnerable to a specifically crafted serial message to the CPU...
CVE-2022-2003 (Critical, Unreviewed) was published Sep 1, 2022

There is a Cleartext Transmission of Sensitive Information Vulnerability in Huawei Smartphone....
CVE-2021-22380 (Critical, Unreviewed) was published May 24, 2022

Dell PowerScale OneFS 8.1.0 - 9.1.0 contains an LDAP Provider inability to connect over TLSv1.2...
CVE-2020-26197 (Critical, Unreviewed) was published May 24, 2022

IBM API Connect 5.0.0.0 through 5.0.8.10 could potentially leak sensitive information or allow...
CVE-2020-4899 (Critical, Unreviewed) was published May 24, 2022

The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower stores and...
CVE-2020-25190 (Critical, Unreviewed) was published May 24, 2022

Scheduler for TAS prior to version 1.4.0 was permitting plaintext transmission of UAA client...
CVE-2020-5426 (Critical, Unreviewed) was published May 24, 2022

The Customer's Tomedo Server in Version 1.7.3 communicates to the Vendor Tomedo Server via HTTP ...
CVE-2019-17393 (Critical, Unreviewed) was published May 24, 2022

Cloud Foundry cf-deployment, versions prior to 7.9.0, contain java components that are using an...
CVE-2019-3801 (Critical, Unreviewed) was published May 24, 2022

Pivotal Apps Manager Release, versions 665.0.x prior to 665.0.28, versions 666.0.x prior to 666.0...
CVE-2019-3793 (Critical, Unreviewed) was published May 24, 2022

A cleartext transmission of sensitive information vulnerability exists in Schneider Electric's...
CVE-2018-7246 (Critical, Unreviewed) was published May 13, 2022

The FSX / P3Dv4 installer 2.0.1.231 for Flight Sim Labs A320-X sends a user's Google account...
CVE-2018-7259 (Critical, Unreviewed) was published May 13, 2022

Unencrypted way of remote control and communications in Hanwha Techwin Smartcams
CVE-2018-6295 (Critical, Unreviewed) was published May 13, 2022