Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

507 advisories

Loading
LOYTEC electronics GmbH LINX Configurator 7.4.10 uses HTTP Basic Authentication, which transmits... High Unreviewed
CVE-2023-46383 was published Dec 1, 2023
LOYTEC electronics GmbH LINX Configurator 7.4.10 is vulnerable to Insecure Permissions. An admin... High Unreviewed
CVE-2023-46385 was published Dec 1, 2023
IBM Concert 1.0 does not set the secure attribute on authorization tokens or session cookies.... Moderate Unreviewed
CVE-2024-43180 was published Sep 13, 2024
LOYTEC LINX-212 firmware 6.2.4 and LVIS-3ME12-A1 firmware 6.2.2 and LIOB-586 firmware 6.2.3... High Unreviewed
CVE-2023-46382 was published Nov 5, 2023
LOYTEC LINX-212 firmware 6.2.4 and LVIS-3ME12-A1 firmware 6.2.2 and LIOB-586 firmware 6.2.3... High Unreviewed
CVE-2023-46380 was published Nov 5, 2023
IBM Security Verify Governance 10.0 does not encrypt sensitive or critical information before... High Unreviewed
CVE-2023-33837 was published Oct 23, 2023
Cleartext transmission of sensitive information vulnerability exists in multiple IDEC PLCs. If an... Moderate Unreviewed
CVE-2024-41927 was published Sep 4, 2024
IBM Watson CP4D Data Stores 4.6.0, 4.6.1, 4.6.2, and 4.6.3 does not encrypt sensitive or critical... Moderate Unreviewed
CVE-2023-27291 was published Mar 3, 2024
Django Incorrect HTTP detection with reverse-proxy connecting via HTTPS Moderate
CVE-2019-12781 was published for Django (pip) Jul 3, 2019
A privilege escalation vulnerability was discovered when Single Sign On (SSO) is enabled that... Moderate Unreviewed
CVE-2024-45101 was published Sep 13, 2024
IPMI credentials may be captured in XCC audit log entries when the account username length is 16... Moderate Unreviewed
CVE-2024-8059 was published Sep 13, 2024
Cleartext transmission of sensitive information in the management console of Ivanti Workspace... High Unreviewed
CVE-2024-44105 was published Sep 10, 2024
Information Disclosure in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with... Moderate Unreviewed
CVE-2024-31799 was published Aug 15, 2024
Microsoft Security Advisory CVE-2024-38167 | .NET Information Disclosure Vulnerability Moderate
CVE-2024-38167 was published for Microsoft.NetCore.App.Runtime.linux-arm (NuGet) Aug 13, 2024
This vulnerability exists in Airveda Air Quality Monitor PM2.5 PM10 due to transmission of... High Unreviewed
CVE-2024-7408 was published Aug 12, 2024
Longse NVR (Network Video Recorder) model NVR3608PGE2W, as well as products based on this device,... Moderate Unreviewed
CVE-2024-5631 was published Jul 9, 2024
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly... Critical Unreviewed
CVE-2024-38891 was published Aug 2, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ... Moderate Unreviewed
CVE-2024-35210 was published Jun 11, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to transmission of password... High Unreviewed
CVE-2024-41687 was published Jul 26, 2024
NASA AIT-Core vulnerable to remote code execution High
CVE-2024-35058 was published for ait-core (pip) May 21, 2024
NASA AIT-Core vulnerable to remote code execution High
CVE-2024-35057 was published for ait-core (pip) May 21, 2024
Under certain circumstances exacqVision Web Services will not enforce secure web communications ... Moderate Unreviewed
CVE-2024-32864 was published Aug 1, 2024
Puwell Cloud Tech Co, Ltd 360Eyes Pro v3.9.5.16(3090516) was discovered to transmit sensitive... Moderate Unreviewed
CVE-2024-28275 was published Apr 3, 2024
[PUNCIA] [CWE-319] Cleartext Transmission of Sensitive Information via HTTP urls in `API_URLS` Low
CVE-2024-41124 was published for puncia (pip) Jul 19, 2024
SCH227 g147
An issue in the YAML Python library of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary... High Unreviewed
CVE-2024-35060 was published May 21, 2024
ProTip! Advisories are also available from the GraphQL API