GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,017
Maven
5,000+
npm
3,722
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
857
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
235 advisories
Filter by severity
IBM Cognos Controller 11.0.0 and 11.0.1 could allow a remote attacker to obtain sensitive...
Moderate
Unreviewed
CVE-2021-29892
was published
Dec 3, 2024
Cleartext transmission of sensitive information for some BigDL software maintained by Intel(R)...
Moderate
Unreviewed
CVE-2024-28169
was published
Nov 13, 2024
A vulnerability in the LevelOne WBR-6012 router's firmware version R0.40e6 allows sensitive...
Moderate
Unreviewed
CVE-2024-32946
was published
Oct 30, 2024
ispdbservice.cpp in KDE Kmail before 6.2.0 allows man-in-the-middle attackers to trigger use of...
Moderate
Unreviewed
CVE-2024-50624
was published
Oct 28, 2024
An authentication-bypass issue in the RDP component of One Identity Safeguard for Privileged...
Moderate
Unreviewed
CVE-2024-40595
was published
Oct 24, 2024
Vilo 5 Mesh WiFi System <= 5.16.1.33 is vulnerable to Information Disclosure. An information leak...
Moderate
Unreviewed
CVE-2024-40090
was published
Oct 21, 2024
Cleartext transmission of sensitive information in acep-collector service. The following products...
Moderate
Unreviewed
CVE-2024-49387
was published
Oct 15, 2024
A flaw was found in Event-Driven Automation (EDA) in Ansible Automation Platform (AAP), which...
Moderate
Unreviewed
CVE-2024-9620
was published
Oct 8, 2024
An Information Disclosure vulnerability in the Telemetry component in TP-Link Kasa KP125M V1.0.0...
Moderate
Unreviewed
CVE-2024-35495
was published
Sep 30, 2024
A privilege escalation vulnerability was discovered when Single Sign On (SSO) is enabled that...
Moderate
Unreviewed
CVE-2024-45101
was published
Sep 13, 2024
IPMI credentials may be captured in XCC audit log entries when the account username length is 16...
Moderate
Unreviewed
CVE-2024-8059
was published
Sep 13, 2024
IBM Concert 1.0 does not set the secure attribute on authorization tokens or session cookies....
Moderate
Unreviewed
CVE-2024-43180
was published
Sep 13, 2024
Cleartext transmission of sensitive information vulnerability exists in multiple IDEC PLCs. If an...
Moderate
Unreviewed
CVE-2024-41927
was published
Sep 4, 2024
Information Disclosure in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with...
Moderate
Unreviewed
CVE-2024-31799
was published
Aug 15, 2024
Under certain circumstances exacqVision Web Services will not enforce secure web communications ...
Moderate
Unreviewed
CVE-2024-32864
was published
Aug 1, 2024
In affected versions of Octopus Server under certain circumstances it is possible for sensitive...
Moderate
Unreviewed
CVE-2024-6972
was published
Jul 25, 2024
Longse NVR (Network Video Recorder) model NVR3608PGE2W, as well as products based on this device,...
Moderate
Unreviewed
CVE-2024-5631
was published
Jul 9, 2024
Plain text credentials and session ID can be captured with a network sniffer.
Moderate
Unreviewed
CVE-2024-37183
was published
Jun 21, 2024
Johan Fagerström, member of the AXIS OS Bug Bounty Program, has found that a O3C feature may...
Moderate
Unreviewed
CVE-2024-0066
was published
Jun 18, 2024
Toshiba printers will display the password of the admin user in clear-text and additional...
Moderate
Unreviewed
CVE-2024-27163
was published
Jun 14, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ...
Moderate
Unreviewed
CVE-2024-35210
was published
Jun 11, 2024
NVIDIA ChatRTX for Windows contains a vulnerability in the ChatRTX UI and backend, where a user...
Moderate
Unreviewed
CVE-2024-0098
was published
May 14, 2024
It is possible for an API key to be logged in clear text in the audit log file after an invalid...
Moderate
Unreviewed
CVE-2023-4509
was published
Apr 18, 2024
Puwell Cloud Tech Co, Ltd 360Eyes Pro v3.9.5.16(3090516) was discovered to transmit sensitive...
Moderate
Unreviewed
CVE-2024-28275
was published
Apr 3, 2024
IBM Watson CP4D Data Stores 4.6.0, 4.6.1, 4.6.2, and 4.6.3 does not encrypt sensitive or critical...
Moderate
Unreviewed
CVE-2023-27291
was published
Mar 3, 2024
ProTip!
Advisories are also available from the
GraphQL API