GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,131
Erlang
29
GitHub Actions
19
Go
1,936
Maven
5,000+
npm
3,676
NuGet
642
pip
3,291
Pub
11
RubyGems
873
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
514 advisories
Filter by severity
An issue in the YAML Python library of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary...
High
Unreviewed
CVE-2024-35060
was published
May 21, 2024
NASA AIT-Core vulnerable to remote code execution
Critical
CVE-2024-35059
was published
for
ait-core
(pip)
May 21, 2024
NASA AIT-Core vulnerable to remote code execution
High
CVE-2024-35057
was published
for
ait-core
(pip)
May 21, 2024
NASA AIT-Core vulnerable to remote code execution
High
CVE-2024-35058
was published
for
ait-core
(pip)
May 21, 2024
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All...
Critical
Unreviewed
CVE-2024-30209
was published
May 14, 2024
NVIDIA ChatRTX for Windows contains a vulnerability in the ChatRTX UI and backend, where a user...
Moderate
Unreviewed
CVE-2024-0098
was published
May 14, 2024
In Brocade SANnav, before Brocade SANnav v2.3.0, syslog traffic received
clear text. This could...
High
Unreviewed
CVE-2024-4161
was published
Apr 25, 2024
dectalk-tts Uses Unencrypted HTTP Request
High
CVE-2024-31206
was published
for
dectalk-tts
(npm)
Apr 4, 2024
Puwell Cloud Tech Co, Ltd 360Eyes Pro v3.9.5.16(3090516) was discovered to transmit sensitive...
Moderate
Unreviewed
CVE-2024-28275
was published
Apr 3, 2024
Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains a cleartext transmission of...
High
Unreviewed
CVE-2024-25960
was published
Mar 28, 2024
The affected product is vulnerable to a cleartext transmission of sensitive information...
High
Unreviewed
CVE-2024-0860
was published
Mar 14, 2024
An unauthenticated remote attacker can influence the communication due to the lack of encryption...
High
Unreviewed
CVE-2024-26288
was published
Mar 12, 2024
IBM Watson CP4D Data Stores 4.6.0, 4.6.1, 4.6.2, and 4.6.3 does not encrypt sensitive or critical...
Moderate
Unreviewed
CVE-2023-27291
was published
Mar 3, 2024
IBM MQ Operator 2.0.0 LTS, 2.0.18 LTS, 3.0.0 CD, 3.0.1 CD, 2.4.0 through 2.4.7, 2.3.0 through 2.3...
Moderate
Unreviewed
CVE-2023-47745
was published
Mar 3, 2024
DELL ESI (Enterprise Storage Integrator) for SAP LAMA, version 10.0, contains an information...
Critical
Unreviewed
CVE-2023-39245
was published
Feb 15, 2024
Windows Printing Service Spoofing Vulnerability
High
Unreviewed
CVE-2024-21406
was published
Feb 13, 2024
Sametime is impacted by sensitive information passed in URL.
Low
Unreviewed
CVE-2023-45716
was published
Feb 10, 2024
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.3...
Moderate
Unreviewed
CVE-2023-42016
was published
Feb 9, 2024
IBM Security Verify Access 10.0.0.0 through 10.0.6.1 uses insecure protocols in some instances...
High
Unreviewed
CVE-2023-32328
was published
Feb 7, 2024
An attacker with access to the network where the affected devices are located could...
Moderate
Unreviewed
CVE-2023-40544
was published
Feb 7, 2024
IBM PowerSC 1.3, 2.0, and 2.1 MFA does not implement the "HTTP Strict Transport Security" (HSTS)...
Moderate
Unreviewed
CVE-2023-50962
was published
Feb 2, 2024
Cleartext Transmission issue in ROS2 (Robot Operating System 2) Foxy Fitzroy, with ROS_VERSION=2...
Moderate
Unreviewed
CVE-2023-51201
was published
Jan 24, 2024
Cleartext Transmission during initial setup in Shelly TRV 20220811-15234 v.2.1.8 allows a local...
Moderate
Unreviewed
CVE-2023-42144
was published
Jan 23, 2024
Meross MSH30Q 4.5.23 is vulnerable to Cleartext Transmission of Sensitive Information. During the...
Moderate
Unreviewed
CVE-2023-46889
was published
Jan 23, 2024
ProTip!
Advisories are also available from the
GraphQL API