GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,318
Composer 4,131
Erlang 29
GitHub Actions 19
Go 1,936
Maven 5,131
npm 3,676
NuGet 642
pip 3,291
Pub 11
RubyGems 873
Rust 830
Swift 35

Unreviewed advisories

All unreviewed 230,293

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

258 advisories

Filter by severity

Sort by

Least recently updated

Cleartext transmission of sensitive information in acep-collector service. The following products... Moderate Unreviewed

CVE-2024-49387 was published Oct 15, 2024

A flaw was found in Event-Driven Automation (EDA) in Ansible Automation Platform (AAP), which... Moderate Unreviewed

CVE-2024-9620 was published Oct 8, 2024

A privilege escalation vulnerability was discovered when Single Sign On (SSO) is enabled that... Moderate Unreviewed

CVE-2024-45101 was published Sep 13, 2024

IPMI credentials may be captured in XCC audit log entries when the account username length is 16... Moderate Unreviewed

CVE-2024-8059 was published Sep 13, 2024

IBM Concert 1.0 does not set the secure attribute on authorization tokens or session cookies.... Moderate Unreviewed

CVE-2024-43180 was published Sep 13, 2024

Cleartext transmission of sensitive information vulnerability exists in multiple IDEC PLCs. If an... Moderate Unreviewed

CVE-2024-41927 was published Sep 4, 2024

Information Disclosure in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with... Moderate Unreviewed

CVE-2024-31799 was published Aug 15, 2024

Microsoft Security Advisory CVE-2024-38167 | .NET Information Disclosure Vulnerability Moderate

CVE-2024-38167 was published for Microsoft.NetCore.App.Runtime.linux-arm (NuGet) Aug 13, 2024

Under certain circumstances exacqVision Web Services will not enforce secure web communications ... Moderate Unreviewed

CVE-2024-32864 was published Aug 1, 2024

Longse NVR (Network Video Recorder) model NVR3608PGE2W, as well as products based on this device,... Moderate Unreviewed

CVE-2024-5631 was published Jul 9, 2024

Secret file credentials stored unencrypted in rare cases by Plain Credentials Plugin Moderate

CVE-2024-39459 was published for org.jenkins-ci.plugins:plain-credentials (Maven) Jun 26, 2024

Plain text credentials and session ID can be captured with a network sniffer. Moderate Unreviewed

CVE-2024-37183 was published Jun 21, 2024

Toshiba printers will display the password of the admin user in clear-text and additional... Moderate Unreviewed

CVE-2024-27163 was published Jun 14, 2024

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ... Moderate Unreviewed

CVE-2024-35210 was published Jun 11, 2024

NVIDIA ChatRTX for Windows contains a vulnerability in the ChatRTX UI and backend, where a user... Moderate Unreviewed

CVE-2024-0098 was published May 14, 2024

Puwell Cloud Tech Co, Ltd 360Eyes Pro v3.9.5.16(3090516) was discovered to transmit sensitive... Moderate Unreviewed

CVE-2024-28275 was published Apr 3, 2024

IBM Watson CP4D Data Stores 4.6.0, 4.6.1, 4.6.2, and 4.6.3 does not encrypt sensitive or critical... Moderate Unreviewed

CVE-2023-27291 was published Mar 3, 2024

IBM MQ Operator 2.0.0 LTS, 2.0.18 LTS, 3.0.0 CD, 3.0.1 CD, 2.4.0 through 2.4.7, 2.3.0 through 2.3... Moderate Unreviewed

CVE-2023-47745 was published Mar 3, 2024

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.3... Moderate Unreviewed

CVE-2023-42016 was published Feb 9, 2024

An attacker with access to the network where the affected devices are located could... Moderate Unreviewed

CVE-2023-40544 was published Feb 7, 2024

IBM PowerSC 1.3, 2.0, and 2.1 MFA does not implement the "HTTP Strict Transport Security" (HSTS)... Moderate Unreviewed

CVE-2023-50962 was published Feb 2, 2024

Cleartext Transmission issue in ROS2 (Robot Operating System 2) Foxy Fitzroy, with ROS_VERSION=2... Moderate Unreviewed

CVE-2023-51201 was published Jan 24, 2024

Cleartext Transmission during initial setup in Shelly TRV 20220811-15234 v.2.1.8 allows a local... Moderate Unreviewed

CVE-2023-42144 was published Jan 23, 2024

Meross MSH30Q 4.5.23 is vulnerable to Cleartext Transmission of Sensitive Information. During the... Moderate Unreviewed

CVE-2023-46889 was published Jan 23, 2024

The POPS! Rebel application 5.0 for Android, in POPS! Rebel Bluetooth Glucose Monitoring System,... Moderate Unreviewed

CVE-2023-46447 was published Jan 20, 2024

Previous 1 2 3 4 5 … 10 11 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

258 advisories