GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,093
Composer 4,324
Erlang 31
GitHub Actions 21
Go 2,087
Maven 5,251
npm 3,751
NuGet 674
pip 3,437
Pub 12
RubyGems 892
Rust 881
Swift 37

Unreviewed advisories

All unreviewed 241,647

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

241 advisories

Filter by severity

Sort by

Least recently updated

All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0 expose clear text... Moderate Unreviewed

CVE-2024-26155 was published Jan 17, 2025

A privilege escalation vulnerability was discovered that could allow a valid, authenticated LXCA... Moderate Unreviewed

CVE-2024-45102 was published Jan 15, 2025

Cleartext transmission of sensitive information vulnerability in synorelayd in Synology... Moderate Unreviewed

CVE-2021-26565 was published May 24, 2022

Cleartext transmission of sensitive information vulnerability in DDNS in Synology DiskStation... Moderate Unreviewed

CVE-2020-27656 was published May 24, 2022

IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.6.0 could allow a remote attacker to... Moderate Unreviewed

CVE-2021-39090 was published Feb 29, 2024

IBM Cognos Analytics Mobile for Android 1.1.14 uses weaker than expected cryptographic algorithms... Moderate Unreviewed

CVE-2021-39081 was published Dec 19, 2024

IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 could allow a remote... Moderate Unreviewed

CVE-2024-49819 was published Dec 17, 2024

In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7 and Splunk Cloud Platform versions... Moderate Unreviewed

CVE-2024-53246 was published Dec 10, 2024

IBM Cognos Controller 11.0.0 and 11.0.1 could allow a remote attacker to obtain sensitive... Moderate Unreviewed

CVE-2021-29892 was published Dec 3, 2024

In affected versions of Octopus Server under certain circumstances it is possible for sensitive... Moderate Unreviewed

CVE-2024-6972 was published Jul 25, 2024

Cleartext transmission of sensitive information for some BigDL software maintained by Intel(R)... Moderate Unreviewed

CVE-2024-28169 was published Nov 13, 2024

Johan Fagerström, member of the AXIS OS Bug Bounty Program, has found that a O3C feature may... Moderate Unreviewed

CVE-2024-0066 was published Jun 18, 2024

It is possible for an API key to be logged in clear text in the audit log file after an invalid... Moderate Unreviewed

CVE-2023-4509 was published Apr 18, 2024

ispdbservice.cpp in KDE Kmail before 6.2.0 allows man-in-the-middle attackers to trigger use of... Moderate Unreviewed

CVE-2024-50624 was published Oct 28, 2024

An Information Disclosure vulnerability in the Telemetry component in TP-Link Kasa KP125M V1.0.0... Moderate Unreviewed

CVE-2024-35495 was published Sep 30, 2024

A vulnerability in the LevelOne WBR-6012 router's firmware version R0.40e6 allows sensitive... Moderate Unreviewed

CVE-2024-32946 was published Oct 30, 2024

An authentication-bypass issue in the RDP component of One Identity Safeguard for Privileged... Moderate Unreviewed

CVE-2024-40595 was published Oct 24, 2024

Vilo 5 Mesh WiFi System <= 5.16.1.33 is vulnerable to Information Disclosure. An information leak... Moderate Unreviewed

CVE-2024-40090 was published Oct 21, 2024

Cleartext transmission of sensitive information in acep-collector service. The following products... Moderate Unreviewed

CVE-2024-49387 was published Oct 15, 2024

A flaw was found in Event-Driven Automation (EDA) in Ansible Automation Platform (AAP), which... Moderate Unreviewed

CVE-2024-9620 was published Oct 8, 2024

"IBM Robotic Process Automation 21.0.1 and 21.0.2 could disclose sensitive version information... Moderate Unreviewed

CVE-2022-38710 was published Nov 4, 2022

IBM Concert 1.0 does not set the secure attribute on authorization tokens or session cookies.... Moderate Unreviewed

CVE-2024-43180 was published Sep 13, 2024

Cleartext transmission of sensitive information vulnerability exists in multiple IDEC PLCs. If an... Moderate Unreviewed

CVE-2024-41927 was published Sep 4, 2024

IBM Watson CP4D Data Stores 4.6.0, 4.6.1, 4.6.2, and 4.6.3 does not encrypt sensitive or critical... Moderate Unreviewed

CVE-2023-27291 was published Mar 3, 2024

IPMI credentials may be captured in XCC audit log entries when the account username length is 16... Moderate Unreviewed

CVE-2024-8059 was published Sep 13, 2024

Previous 1 2 3 4 5 … 9 10 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

241 advisories