GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,573

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

451 advisories

Filter by severity

Sort by

Least recently updated

Johan Fagerström, member of the AXIS OS Bug Bounty Program, has found that a O3C feature may... Moderate Unreviewed

CVE-2024-0066 was published Jun 18, 2024

An issue was discovered on certain Nuki Home Solutions devices. The HTTP API exposed by a Bridge... High Unreviewed

CVE-2022-32510 was published May 14, 2024

It is possible for an API key to be logged in clear text in the audit log file after an invalid... Moderate Unreviewed

CVE-2023-4509 was published Apr 18, 2024

ispdbservice.cpp in KDE Kmail before 6.2.0 allows man-in-the-middle attackers to trigger use of... Moderate Unreviewed

CVE-2024-50624 was published Oct 28, 2024

An Information Disclosure vulnerability in the Telemetry component in TP-Link Kasa KP125M V1.0.0... Moderate Unreviewed

CVE-2024-35495 was published Sep 30, 2024

A vulnerability in the LevelOne WBR-6012 router's firmware version R0.40e6 allows sensitive... Moderate Unreviewed

CVE-2024-32946 was published Oct 30, 2024

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can... Critical Unreviewed

CVE-2024-25735 was published Mar 27, 2024

A bug in query analysis of certain complex self-referential $lookup subpipelines may result in... Low Unreviewed

CVE-2024-8013 was published Oct 28, 2024

An authentication-bypass issue in the RDP component of One Identity Safeguard for Privileged... Moderate Unreviewed

CVE-2024-40595 was published Oct 24, 2024

Vilo 5 Mesh WiFi System <= 5.16.1.33 is vulnerable to Information Disclosure. An information leak... Moderate Unreviewed

CVE-2024-40090 was published Oct 21, 2024

An issue in YESCAM (com.yescom.YesCam.zwave) 1.0.2 allows a remote attacker to obtain sensitive... High Unreviewed

CVE-2024-48788 was published Oct 11, 2024

Cleartext transmission of sensitive information in acep-collector service. The following products... Moderate Unreviewed

CVE-2024-49387 was published Oct 15, 2024

Hitron Technologies CODA-5310’s Telnet function transfers sensitive data in plaintext. An... High Unreviewed

CVE-2023-30602 was published Jul 6, 2023

A flaw was found in Event-Driven Automation (EDA) in Ansible Automation Platform (AAP), which... Moderate Unreviewed

CVE-2024-9620 was published Oct 8, 2024

The goTenna pro series does not encrypt the callsigns of its users. These callsigns reveal... Low Unreviewed

CVE-2024-47124 was published Sep 26, 2024

The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 discloses... High Unreviewed

CVE-2024-7713 was published Sep 27, 2024

** UNSUPPORTED WHEN ASSIGNED ** This vulnerability exists in D3D Security IP Camera due to usage... High Unreviewed

CVE-2024-47789 was published Oct 4, 2024

The goTenna Pro ATAK Plugin does not encrypt the callsigns of its users. These callsigns reveal... Low Unreviewed

CVE-2024-45838 was published Sep 26, 2024

"IBM Robotic Process Automation 21.0.1 and 21.0.2 could disclose sensitive version information... Moderate Unreviewed

CVE-2022-38710 was published Nov 4, 2022

LOYTEC electronics GmbH LINX Configurator 7.4.10 uses HTTP Basic Authentication, which transmits... High Unreviewed

CVE-2023-46383 was published Dec 1, 2023

LOYTEC electronics GmbH LINX Configurator 7.4.10 is vulnerable to Insecure Permissions. An admin... High Unreviewed

CVE-2023-46385 was published Dec 1, 2023

IBM Concert 1.0 does not set the secure attribute on authorization tokens or session cookies.... Moderate Unreviewed

CVE-2024-43180 was published Sep 13, 2024

LOYTEC LINX-212 firmware 6.2.4 and LVIS-3ME12-A1 firmware 6.2.2 and LIOB-586 firmware 6.2.3... High Unreviewed

CVE-2023-46382 was published Nov 5, 2023

LOYTEC LINX-212 firmware 6.2.4 and LVIS-3ME12-A1 firmware 6.2.2 and LIOB-586 firmware 6.2.3... High Unreviewed

CVE-2023-46380 was published Nov 5, 2023

IBM Security Verify Governance 10.0 does not encrypt sensitive or critical information before... High Unreviewed

CVE-2023-33837 was published Oct 23, 2023

Previous 1 2 3 4 5 … 18 19 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

451 advisories