GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,383
Erlang
33
GitHub Actions
22
Go
2,140
Maven
5,000+
npm
3,800
NuGet
687
pip
3,478
Pub
12
RubyGems
897
Rust
898
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
175 advisories
Filter by severity
CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists that could result...
High
Unreviewed
CVE-2025-1060
was published
Feb 13, 2025
In Progress® Telerik® Report Server, versions prior to 2025 Q1 (11.0.25.211) when using the older...
High
Unreviewed
CVE-2025-0556
was published
Feb 12, 2025
Forever KidsWatch Call Me KW-50 R36_YDR_A3PW_GM7S_V1.0_2019_07_15_16.19.24_cob_h suffers from...
High
Unreviewed
CVE-2024-36558
was published
Feb 6, 2025
In Brocade SANnav, before Brocade SANnav v2.3.0, syslog traffic received
clear text. This could...
High
Unreviewed
CVE-2024-4161
was published
Apr 25, 2024
The myMail app through 14.30 for iOS sends cleartext credentials in a situation where STARTTLS is...
High
Unreviewed
CVE-2023-32290
was published
May 7, 2023
A Credential Exposure Vulnerability exists in the above-mentioned product and version. The...
High
Unreviewed
CVE-2025-0631
was published
Jan 28, 2025
Web browser interface may manipulate application username/password in clear text or Base64...
High
Unreviewed
CVE-2024-6515
was published
Dec 5, 2024
A vulnerability in a weak JWT token in Watcharr v1.43.0 and below allows attackers to perform...
High
Unreviewed
CVE-2024-50634
was published
Nov 8, 2024
An issue was discovered on certain Nuki Home Solutions devices. The HTTP API exposed by a Bridge...
High
Unreviewed
CVE-2022-32510
was published
May 14, 2024
An issue in YESCAM (com.yescom.YesCam.zwave) 1.0.2 allows a remote attacker to obtain sensitive...
High
Unreviewed
CVE-2024-48788
was published
Oct 11, 2024
Hitron Technologies CODA-5310’s Telnet function transfers sensitive data in plaintext. An...
High
Unreviewed
CVE-2023-30602
was published
Jul 6, 2023
The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 discloses...
High
Unreviewed
CVE-2024-7713
was published
Sep 27, 2024
** UNSUPPORTED WHEN ASSIGNED ** This vulnerability exists in D3D Security IP Camera due to usage...
High
Unreviewed
CVE-2024-47789
was published
Oct 4, 2024
LOYTEC electronics GmbH LINX Configurator 7.4.10 uses HTTP Basic Authentication, which transmits...
High
Unreviewed
CVE-2023-46383
was published
Dec 1, 2023
LOYTEC electronics GmbH LINX Configurator 7.4.10 is vulnerable to Insecure Permissions. An admin...
High
Unreviewed
CVE-2023-46385
was published
Dec 1, 2023
LOYTEC LINX-212 firmware 6.2.4 and LVIS-3ME12-A1 firmware 6.2.2 and LIOB-586 firmware 6.2.3...
High
Unreviewed
CVE-2023-46382
was published
Nov 5, 2023
LOYTEC LINX-212 firmware 6.2.4 and LVIS-3ME12-A1 firmware 6.2.2 and LIOB-586 firmware 6.2.3...
High
Unreviewed
CVE-2023-46380
was published
Nov 5, 2023
IBM Security Verify Governance 10.0 does not encrypt sensitive or critical information before...
High
Unreviewed
CVE-2023-33837
was published
Oct 23, 2023
Cleartext transmission of sensitive information in the management console of Ivanti Workspace...
High
Unreviewed
CVE-2024-44105
was published
Sep 10, 2024
This vulnerability exists in Airveda Air Quality Monitor PM2.5 PM10 due to transmission of...
High
Unreviewed
CVE-2024-7408
was published
Aug 12, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to transmission of password...
High
Unreviewed
CVE-2024-41687
was published
Jul 26, 2024
An issue in the YAML Python library of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary...
High
Unreviewed
CVE-2024-35060
was published
May 21, 2024
Multiple LDAP injections vulnerabilities exist in SecurEnvoy MFA before 9.4.514 due to improper...
High
Unreviewed
CVE-2024-37393
was published
Jun 10, 2024
The notification emails sent by Soar Cloud HR Portal contain a link with a embedded session....
High
Unreviewed
CVE-2024-5996
was published
Jun 14, 2024
ProTip!
Advisories are also available from the
GraphQL API