GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,262
Erlang
31
GitHub Actions
21
Go
2,024
Maven
5,000+
npm
3,731
NuGet
662
pip
3,407
Pub
12
RubyGems
891
Rust
864
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
170 advisories
Filter by severity
Web browser interface may manipulate application username/password in clear text or Base64...
High
Unreviewed
CVE-2024-6515
was published
Dec 5, 2024
A vulnerability in a weak JWT token in Watcharr v1.43.0 and below allows attackers to perform...
High
Unreviewed
CVE-2024-50634
was published
Nov 8, 2024
An issue was discovered on certain Nuki Home Solutions devices. The HTTP API exposed by a Bridge...
High
Unreviewed
CVE-2022-32510
was published
May 14, 2024
An issue in YESCAM (com.yescom.YesCam.zwave) 1.0.2 allows a remote attacker to obtain sensitive...
High
Unreviewed
CVE-2024-48788
was published
Oct 11, 2024
Hitron Technologies CODA-5310’s Telnet function transfers sensitive data in plaintext. An...
High
Unreviewed
CVE-2023-30602
was published
Jul 6, 2023
The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 discloses...
High
Unreviewed
CVE-2024-7713
was published
Sep 27, 2024
** UNSUPPORTED WHEN ASSIGNED ** This vulnerability exists in D3D Security IP Camera due to usage...
High
Unreviewed
CVE-2024-47789
was published
Oct 4, 2024
LOYTEC electronics GmbH LINX Configurator 7.4.10 uses HTTP Basic Authentication, which transmits...
High
Unreviewed
CVE-2023-46383
was published
Dec 1, 2023
LOYTEC electronics GmbH LINX Configurator 7.4.10 is vulnerable to Insecure Permissions. An admin...
High
Unreviewed
CVE-2023-46385
was published
Dec 1, 2023
LOYTEC LINX-212 firmware 6.2.4 and LVIS-3ME12-A1 firmware 6.2.2 and LIOB-586 firmware 6.2.3...
High
Unreviewed
CVE-2023-46382
was published
Nov 5, 2023
LOYTEC LINX-212 firmware 6.2.4 and LVIS-3ME12-A1 firmware 6.2.2 and LIOB-586 firmware 6.2.3...
High
Unreviewed
CVE-2023-46380
was published
Nov 5, 2023
IBM Security Verify Governance 10.0 does not encrypt sensitive or critical information before...
High
Unreviewed
CVE-2023-33837
was published
Oct 23, 2023
Cleartext transmission of sensitive information in the management console of Ivanti Workspace...
High
Unreviewed
CVE-2024-44105
was published
Sep 10, 2024
This vulnerability exists in Airveda Air Quality Monitor PM2.5 PM10 due to transmission of...
High
Unreviewed
CVE-2024-7408
was published
Aug 12, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to transmission of password...
High
Unreviewed
CVE-2024-41687
was published
Jul 26, 2024
An issue in the YAML Python library of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary...
High
Unreviewed
CVE-2024-35060
was published
May 21, 2024
Multiple LDAP injections vulnerabilities exist in SecurEnvoy MFA before 9.4.514 due to improper...
High
Unreviewed
CVE-2024-37393
was published
Jun 10, 2024
The notification emails sent by Soar Cloud HR Portal contain a link with a embedded session....
High
Unreviewed
CVE-2024-5996
was published
Jun 14, 2024
Authorization bypass through user-controlled key vulnerability in MELSEC iQ-R series Safety CPU...
High
Unreviewed
CVE-2021-20599
was published
May 24, 2022
In Brocade SANnav, before Brocade SANnav v2.3.0, syslog traffic received
clear text. This could...
High
Unreviewed
CVE-2024-4161
was published
Apr 25, 2024
Windows Printing Service Spoofing Vulnerability
High
Unreviewed
CVE-2024-21406
was published
Feb 13, 2024
All versions of NetMan 204 could allow an unauthenticated remote attacker to read a file (config...
High
Unreviewed
CVE-2022-47892
was published
Oct 3, 2023
In curl before 7.86.0, the HSTS check could be bypassed to trick it into staying with HTTP. Using...
High
Unreviewed
CVE-2022-42916
was published
Oct 29, 2022
A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking...
High
Unreviewed
CVE-2021-22946
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API