GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,634
NuGet
638
pip
3,250
Pub
10
RubyGems
867
Rust
819
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
163 advisories
Filter by severity
LOYTEC electronics GmbH LINX Configurator 7.4.10 uses HTTP Basic Authentication, which transmits...
High
Unreviewed
CVE-2023-46383
was published
Dec 1, 2023
LOYTEC electronics GmbH LINX Configurator 7.4.10 is vulnerable to Insecure Permissions. An admin...
High
Unreviewed
CVE-2023-46385
was published
Dec 1, 2023
LOYTEC LINX-212 firmware 6.2.4 and LVIS-3ME12-A1 firmware 6.2.2 and LIOB-586 firmware 6.2.3...
High
Unreviewed
CVE-2023-46382
was published
Nov 5, 2023
LOYTEC LINX-212 firmware 6.2.4 and LVIS-3ME12-A1 firmware 6.2.2 and LIOB-586 firmware 6.2.3...
High
Unreviewed
CVE-2023-46380
was published
Nov 5, 2023
IBM Security Verify Governance 10.0 does not encrypt sensitive or critical information before...
High
Unreviewed
CVE-2023-33837
was published
Oct 23, 2023
Cleartext transmission of sensitive information in the management console of Ivanti Workspace...
High
Unreviewed
CVE-2024-44105
was published
Sep 10, 2024
This vulnerability exists in Airveda Air Quality Monitor PM2.5 PM10 due to transmission of...
High
Unreviewed
CVE-2024-7408
was published
Aug 12, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to transmission of password...
High
Unreviewed
CVE-2024-41687
was published
Jul 26, 2024
An issue in the YAML Python library of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary...
High
Unreviewed
CVE-2024-35060
was published
May 21, 2024
Multiple LDAP injections vulnerabilities exist in SecurEnvoy MFA before 9.4.514 due to improper...
High
Unreviewed
CVE-2024-37393
was published
Jun 10, 2024
The notification emails sent by Soar Cloud HR Portal contain a link with a embedded session....
High
Unreviewed
CVE-2024-5996
was published
Jun 14, 2024
Authorization bypass through user-controlled key vulnerability in MELSEC iQ-R series Safety CPU...
High
Unreviewed
CVE-2021-20599
was published
May 24, 2022
In Brocade SANnav, before Brocade SANnav v2.3.0, syslog traffic received
clear text. This could...
High
Unreviewed
CVE-2024-4161
was published
Apr 25, 2024
Windows Printing Service Spoofing Vulnerability
High
Unreviewed
CVE-2024-21406
was published
Feb 13, 2024
All versions of NetMan 204 could allow an unauthenticated remote attacker to read a file (config...
High
Unreviewed
CVE-2022-47892
was published
Oct 3, 2023
In curl before 7.86.0, the HSTS check could be bypassed to trick it into staying with HTTP. Using...
High
Unreviewed
CVE-2022-42916
was published
Oct 29, 2022
A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking...
High
Unreviewed
CVE-2021-22946
was published
May 24, 2022
IBM Cognos Dashboards on Cloud Pak for Data 4.7.0 exposes sensitive information in environment...
High
Unreviewed
CVE-2023-38276
was published
Oct 22, 2023
IBM Cognos Dashboards on Cloud Pak for Data 4.7.0 exposes sensitive information in container...
High
Unreviewed
CVE-2023-38275
was published
Oct 22, 2023
Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05
contains a cleartext...
High
Unreviewed
CVE-2023-34441
was published
Oct 19, 2023
IBM Security Verify Privilege On-Premises 11.5 could disclose sensitive information to an...
High
Unreviewed
CVE-2022-22385
was published
Oct 17, 2023
A flaw was found in Red Hat OpenShift Data Science. When exporting a pipeline from the Elyra...
High
Unreviewed
CVE-2023-3361
was published
Oct 4, 2023
BIG-IP APM clients may send IP traffic outside of the VPN tunnel. Note: Software versions which...
High
Unreviewed
CVE-2023-43124
was published
Sep 27, 2023
BIG-IP APM clients may send IP traffic outside of the VPN tunnel. Note: Software versions which...
High
Unreviewed
CVE-2023-43125
was published
Sep 27, 2023
ProTip!
Advisories are also available from the
GraphQL API