GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,090
Erlang
29
GitHub Actions
19
Go
1,920
Maven
5,000+
npm
3,648
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
822
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
435 advisories
Filter by severity
The goTenna Pro ATAK Plugin does not encrypt the callsigns of its users.
These callsigns reveal...
Low
Unreviewed
CVE-2024-45838
was published
Sep 26, 2024
The goTenna pro series does not encrypt the callsigns of its users. These callsigns reveal...
Low
Unreviewed
CVE-2024-47124
was published
Sep 26, 2024
A privilege escalation vulnerability was discovered when Single Sign On (SSO) is enabled that...
Moderate
Unreviewed
CVE-2024-45101
was published
Sep 13, 2024
IPMI credentials may be captured in XCC audit log entries when the account username length is 16...
Moderate
Unreviewed
CVE-2024-8059
was published
Sep 13, 2024
IBM Concert 1.0 does not set the secure attribute on authorization tokens or session cookies....
Moderate
Unreviewed
CVE-2024-43180
was published
Sep 13, 2024
Cleartext transmission of sensitive information in the management console of Ivanti Workspace...
High
Unreviewed
CVE-2024-44105
was published
Sep 10, 2024
Cleartext transmission of sensitive information vulnerability exists in multiple IDEC PLCs. If an...
Moderate
Unreviewed
CVE-2024-41927
was published
Sep 4, 2024
Information Disclosure in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with...
Moderate
Unreviewed
CVE-2024-31799
was published
Aug 15, 2024
This vulnerability exists in Airveda Air Quality Monitor PM2.5 PM10 due to transmission of...
High
Unreviewed
CVE-2024-7408
was published
Aug 12, 2024
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly...
Critical
Unreviewed
CVE-2024-38891
was published
Aug 2, 2024
Under certain circumstances exacqVision Web Services will not enforce secure web communications ...
Moderate
Unreviewed
CVE-2024-32864
was published
Aug 1, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to transmission of password...
High
Unreviewed
CVE-2024-41687
was published
Jul 26, 2024
Longse NVR (Network Video Recorder) model NVR3608PGE2W, as well as products based on this device,...
Moderate
Unreviewed
CVE-2024-5631
was published
Jul 9, 2024
Plain text credentials and session ID can be captured with a network sniffer.
Moderate
Unreviewed
CVE-2024-37183
was published
Jun 21, 2024
The notification emails sent by Soar Cloud HR Portal contain a link with a embedded session....
High
Unreviewed
CVE-2024-5996
was published
Jun 14, 2024
Toshiba printers will display the password of the admin user in clear-text and additional...
Moderate
Unreviewed
CVE-2024-27163
was published
Jun 14, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ...
Moderate
Unreviewed
CVE-2024-35210
was published
Jun 11, 2024
Multiple LDAP injections vulnerabilities exist in SecurEnvoy MFA before 9.4.514 due to improper...
High
Unreviewed
CVE-2024-37393
was published
Jun 10, 2024
An issue in the YAML Python library of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary...
High
Unreviewed
CVE-2024-35060
was published
May 21, 2024
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All...
Critical
Unreviewed
CVE-2024-30209
was published
May 14, 2024
NVIDIA ChatRTX for Windows contains a vulnerability in the ChatRTX UI and backend, where a user...
Moderate
Unreviewed
CVE-2024-0098
was published
May 14, 2024
In Brocade SANnav, before Brocade SANnav v2.3.0, syslog traffic received
clear text. This could...
High
Unreviewed
CVE-2024-4161
was published
Apr 25, 2024
Puwell Cloud Tech Co, Ltd 360Eyes Pro v3.9.5.16(3090516) was discovered to transmit sensitive...
Moderate
Unreviewed
CVE-2024-28275
was published
Apr 3, 2024
Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains a cleartext transmission of...
High
Unreviewed
CVE-2024-25960
was published
Mar 28, 2024
ProTip!
Advisories are also available from the
GraphQL API