GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,263
Erlang
31
GitHub Actions
21
Go
2,033
Maven
5,000+
npm
3,732
NuGet
662
pip
3,411
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
170 advisories
Filter by severity
Web browser interface may manipulate application username/password in clear text or Base64...
High
Unreviewed
CVE-2024-6515
was published
Dec 5, 2024
A vulnerability in a weak JWT token in Watcharr v1.43.0 and below allows attackers to perform...
High
Unreviewed
CVE-2024-50634
was published
Nov 8, 2024
An issue in YESCAM (com.yescom.YesCam.zwave) 1.0.2 allows a remote attacker to obtain sensitive...
High
Unreviewed
CVE-2024-48788
was published
Oct 11, 2024
** UNSUPPORTED WHEN ASSIGNED ** This vulnerability exists in D3D Security IP Camera due to usage...
High
Unreviewed
CVE-2024-47789
was published
Oct 4, 2024
The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 discloses...
High
Unreviewed
CVE-2024-7713
was published
Sep 27, 2024
Cleartext transmission of sensitive information in the management console of Ivanti Workspace...
High
Unreviewed
CVE-2024-44105
was published
Sep 10, 2024
This vulnerability exists in Airveda Air Quality Monitor PM2.5 PM10 due to transmission of...
High
Unreviewed
CVE-2024-7408
was published
Aug 12, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to transmission of password...
High
Unreviewed
CVE-2024-41687
was published
Jul 26, 2024
The notification emails sent by Soar Cloud HR Portal contain a link with a embedded session....
High
Unreviewed
CVE-2024-5996
was published
Jun 14, 2024
Multiple LDAP injections vulnerabilities exist in SecurEnvoy MFA before 9.4.514 due to improper...
High
Unreviewed
CVE-2024-37393
was published
Jun 10, 2024
An issue in the YAML Python library of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary...
High
Unreviewed
CVE-2024-35060
was published
May 21, 2024
An issue was discovered on certain Nuki Home Solutions devices. The HTTP API exposed by a Bridge...
High
Unreviewed
CVE-2022-32510
was published
May 14, 2024
In Brocade SANnav, before Brocade SANnav v2.3.0, syslog traffic received
clear text. This could...
High
Unreviewed
CVE-2024-4161
was published
Apr 25, 2024
Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains a cleartext transmission of...
High
Unreviewed
CVE-2024-25960
was published
Mar 28, 2024
The affected product is vulnerable to a cleartext transmission of sensitive information...
High
Unreviewed
CVE-2024-0860
was published
Mar 14, 2024
An unauthenticated remote attacker can influence the communication due to the lack of encryption...
High
Unreviewed
CVE-2024-26288
was published
Mar 12, 2024
Windows Printing Service Spoofing Vulnerability
High
Unreviewed
CVE-2024-21406
was published
Feb 13, 2024
IBM Security Verify Access 10.0.0.0 through 10.0.6.1 uses insecure protocols in some instances...
High
Unreviewed
CVE-2023-32328
was published
Feb 7, 2024
An issue discovereed in EBYTE E880-IR01-V1.1 allows an attacker to obtain sensitive information...
High
Unreviewed
CVE-2023-50614
was published
Jan 19, 2024
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to transmission of...
High
Unreviewed
CVE-2023-51740
was published
Jan 17, 2024
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to transmission of...
High
Unreviewed
CVE-2023-51741
was published
Jan 17, 2024
An issue was discovered in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718),...
High
Unreviewed
CVE-2023-31300
was published
Dec 29, 2023
An issue was discovered in Stormshield Network Security (SNS) before 4.3.17, 4.4.x through 4.6.x...
High
Unreviewed
CVE-2023-28616
was published
Dec 26, 2023
LOYTEC electronics GmbH LINX Configurator 7.4.10 uses HTTP Basic Authentication, which transmits...
High
Unreviewed
CVE-2023-46383
was published
Dec 1, 2023
ProTip!
Advisories are also available from the
GraphQL API