Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,086
Maven
5,000+
npm
3,747
NuGet
674
pip
3,436
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

166 advisories

Loading
A vulnerability in the IPS Manager, Central Manager, and Local Manager communication workflow... Moderate Unreviewed
CVE-2024-5731 was published Jun 14, 2024
silverstripe/framework users inadvertently passing sensitive data to LoginAttempt Moderate
GHSA-ph62-fv59-vf9h was published for silverstripe/framework (Composer) May 27, 2024
Croc requires senders to provide local IP addresses in cleartext Moderate
CVE-2023-43618 was published for github.com/schollz/croc/v9 (Go) Sep 20, 2023
schollz
Vulnerable data in transit in GE HealthCare EchoPAC products Moderate Unreviewed
CVE-2024-27106 was published May 14, 2024
IBM Security Verify Privilege On-Premises 11.5 could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2022-22386 was published Oct 17, 2023
IBM Security Verify Privilege On-Premises 11.5 could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2022-22377 was published Oct 17, 2023
IBM Security Directory Server 6.4.0 could allow a remote attacker to obtain sensitive information... Moderate Unreviewed
CVE-2022-33161 was published Oct 14, 2023
A cleartext transmission of sensitive information vulnerability has been reported to affect QVPN... Moderate Unreviewed
CVE-2023-23371 was published Oct 6, 2023
Push notifications stored on disk in private browsing mode were not being encrypted potentially... Moderate Unreviewed
CVE-2023-4580 was published Sep 11, 2023
IBM Aspera Faspex 5.0.5 could allow a remote attacker to obtain sensitive information, caused by... Moderate Unreviewed
CVE-2022-22405 was published Sep 8, 2023
Missing Encryption of Sensitive DataCAPEC- vulnerability in Genians Genian NAC V4.0, Genians... Moderate Unreviewed
CVE-2023-40251 was published Aug 17, 2023
Missing encryption in the RFID tag of Etekcity 3-in-1 Smart Door Lock v1.0 allows attackers to... Moderate Unreviewed
CVE-2023-39841 was published Aug 15, 2023
The data flowing between the PCU and its modules is insecure. A threat actor with physical access... Moderate Unreviewed
CVE-2023-30561 was published Jul 13, 2023
An issue was discovered in TigerGraph Enterprise Free Edition 3.x. There is unsecured read access... Moderate Unreviewed
CVE-2023-22948 was published Apr 13, 2023
Nordic Semiconductor Android BLE Library through 2.2.1 and DFU Library through 1.10.4 for Android... Moderate Unreviewed
CVE-2020-15509 was published May 24, 2022
The ADB (formerly Pirelli Broadband Solutions) P.DGA4001N router with firmware PDG_TEF_SP_4.06L.6... Moderate Unreviewed
CVE-2015-0558 was published May 24, 2022
JetBrains Toolbox before 1.15.5605 was resolving an internal URL via a cleartext http connection. Moderate Unreviewed
CVE-2019-14959 was published May 24, 2022
Online upgrade information in some firmware packages of Dahua products is not encrypted.... Moderate Unreviewed
CVE-2019-9681 was published May 24, 2022
In situations where an attacker receives automated notification of the success or failure of a... Moderate Unreviewed
CVE-2019-1563 was published May 24, 2022
In Kofax Front Office Server Administration Console 4.1.1.11.0.5212, some fields, such as... Moderate Unreviewed
CVE-2018-17287 was published May 24, 2022
The file /etc/openstack-dashboard/local_settings within Red Hat OpenStack Platform 2.0 and RHOS... Moderate Unreviewed
CVE-2012-5474 was published Apr 23, 2022
IBM Security Verify Access 10.0.6 could disclose sensitive snapshot information due to missing... Moderate Unreviewed
CVE-2024-25027 was published Mar 31, 2024
** DISPUTED ** Facebook WhatsApp Messenger before 2.16.323 for Android uses the SD card for... Moderate Unreviewed
CVE-2017-8769 was published May 13, 2022
IBM Security Verify Governance 10.0.2 could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2023-35888 was published Mar 20, 2024
1Panel set-cookie is missing the Secure keyword Moderate
CVE-2024-24768 was published for github.com/1Panel-dev/1Panel (Go) Feb 5, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database