GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,109
Composer 4,077
Erlang 29
GitHub Actions 19
Go 1,903
Maven 5,103
npm 3,634
NuGet 638
pip 3,250
Pub 10
RubyGems 867
Rust 819
Swift 35

Unreviewed advisories

All unreviewed 228,649

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

433 advisories

Filter by severity

Sort by

Least recently updated

"IBM Robotic Process Automation 21.0.1 and 21.0.2 could disclose sensitive version information... Moderate Unreviewed

CVE-2022-38710 was published Nov 4, 2022

LOYTEC electronics GmbH LINX Configurator 7.4.10 uses HTTP Basic Authentication, which transmits... High Unreviewed

CVE-2023-46383 was published Dec 1, 2023

IBM Concert 1.0 does not set the secure attribute on authorization tokens or session cookies.... Moderate Unreviewed

CVE-2024-43180 was published Sep 13, 2024

LOYTEC electronics GmbH LINX Configurator 7.4.10 is vulnerable to Insecure Permissions. An admin... High Unreviewed

CVE-2023-46385 was published Dec 1, 2023

LOYTEC LINX-212 firmware 6.2.4 and LVIS-3ME12-A1 firmware 6.2.2 and LIOB-586 firmware 6.2.3... High Unreviewed

CVE-2023-46382 was published Nov 5, 2023

LOYTEC LINX-212 firmware 6.2.4 and LVIS-3ME12-A1 firmware 6.2.2 and LIOB-586 firmware 6.2.3... High Unreviewed

CVE-2023-46380 was published Nov 5, 2023

IBM Security Verify Governance 10.0 does not encrypt sensitive or critical information before... High Unreviewed

CVE-2023-33837 was published Oct 23, 2023

Cleartext transmission of sensitive information vulnerability exists in multiple IDEC PLCs. If an... Moderate Unreviewed

CVE-2024-41927 was published Sep 4, 2024

IBM Watson CP4D Data Stores 4.6.0, 4.6.1, 4.6.2, and 4.6.3 does not encrypt sensitive or critical... Moderate Unreviewed

CVE-2023-27291 was published Mar 3, 2024

A privilege escalation vulnerability was discovered when Single Sign On (SSO) is enabled that... Moderate Unreviewed

CVE-2024-45101 was published Sep 13, 2024

IPMI credentials may be captured in XCC audit log entries when the account username length is 16... Moderate Unreviewed

CVE-2024-8059 was published Sep 13, 2024

Cleartext transmission of sensitive information in the management console of Ivanti Workspace... High Unreviewed

CVE-2024-44105 was published Sep 10, 2024

Information Disclosure in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with... Moderate Unreviewed

CVE-2024-31799 was published Aug 15, 2024

This vulnerability exists in Airveda Air Quality Monitor PM2.5 PM10 due to transmission of... High Unreviewed

CVE-2024-7408 was published Aug 12, 2024

Longse NVR (Network Video Recorder) model NVR3608PGE2W, as well as products based on this device,... Moderate Unreviewed

CVE-2024-5631 was published Jul 9, 2024

An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly... Critical Unreviewed

CVE-2024-38891 was published Aug 2, 2024

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ... Moderate Unreviewed

CVE-2024-35210 was published Jun 11, 2024

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to transmission of password... High Unreviewed

CVE-2024-41687 was published Jul 26, 2024

Under certain circumstances exacqVision Web Services will not enforce secure web communications ... Moderate Unreviewed

CVE-2024-32864 was published Aug 1, 2024

Puwell Cloud Tech Co, Ltd 360Eyes Pro v3.9.5.16(3090516) was discovered to transmit sensitive... Moderate Unreviewed

CVE-2024-28275 was published Apr 3, 2024

An issue in the YAML Python library of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary... High Unreviewed

CVE-2024-35060 was published May 21, 2024

Toshiba printers will display the password of the admin user in clear-text and additional... Moderate Unreviewed

CVE-2024-27163 was published Jun 14, 2024

Multiple LDAP injections vulnerabilities exist in SecurEnvoy MFA before 9.4.514 due to improper... High Unreviewed

CVE-2024-37393 was published Jun 10, 2024

Plain text credentials and session ID can be captured with a network sniffer. Moderate Unreviewed

CVE-2024-37183 was published Jun 21, 2024

The notification emails sent by Soar Cloud HR Portal contain a link with a embedded session.... High Unreviewed

CVE-2024-5996 was published Jun 14, 2024

Previous 1 2 3 4 5 … 17 18 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

433 advisories