Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,757
Erlang
35
GitHub Actions
29
Go
2,327
Maven
5,000+
npm
3,960
NuGet
712
pip
3,741
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+

598 advisories

Loading
Bosscomm IF740 Firmware versions:11001.7078 & v11001.0000 and System versions: 6.25 & 6.00 were... Moderate Unreviewed
CVE-2025-25728 was published Feb 28, 2025
Incorrect Use of Privileged APIs, Cleartext Transmission of Sensitive Information, Insufficiently... Critical Unreviewed
CVE-2025-2311 was published Mar 20, 2025
This issue was addressed by using HTTPS when sending information over the network. This issue is... High Unreviewed
CVE-2024-44276 was published Mar 17, 2025
Couchbase Server before 6.6.6, 7.x before 7.0.5, and 7.1.x before 7.1.2 exposes Sensitive... High Unreviewed
CVE-2023-25016 was published Feb 6, 2023
A protocol flaw vulnerability exists in the Xiaomi Mi Connect Service APP. The vulnerability is... Moderate Unreviewed
CVE-2024-45361 was published Mar 27, 2025
Last Yard 22.09.8-1 does not enforce HSTS headers Critical Unreviewed
CVE-2022-47714 was published Feb 1, 2023
SaTECH BCU in its firmware version 2.1.3 uses the HTTP protocol. The use of the HTTP protocol for... Moderate Unreviewed
CVE-2025-2861 was published Mar 28, 2025
Procom NetFORCE 800 4.02 M10 Build 20 and possibly other versions sends the NIS password map ... Moderate Unreviewed
CVE-2005-3140 was published May 1, 2022
SAP Commerce Cloud (Public Cloud) does not allow to disable unencrypted HTTP (port 80) entirely,... Moderate Unreviewed
CVE-2025-26654 was published Apr 8, 2025
A vulnerability classified as problematic has been found in Consumer Comanda Mobile up to 14.9.3... Low Unreviewed
CVE-2025-3329 was published Apr 7, 2025
Cleartext transmission of sensitive information issue exists in Wi-Fi AP UNIT 'AC-WPS-11ac series... Moderate Unreviewed
CVE-2025-27722 was published Apr 9, 2025
When clicking on a tel: link, USSD codes, specified after a <code>\*</code> character, would be... High Unreviewed
CVE-2022-22758 was published Dec 22, 2022
Insights for Vulnerability Remediation (IVR) is vulnerable to man-in-the-middle attacks that may... Moderate Unreviewed
CVE-2022-42454 was published Dec 21, 2022
Arctera/Veritas Data Insight before 7.1.2 can send cleartext credentials when configured to use... Moderate Unreviewed
CVE-2025-43704 was published Apr 17, 2025
An issue was discovered in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718),... High Unreviewed
CVE-2023-31300 was published Dec 29, 2023
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: C API).... Moderate Unreviewed
CVE-2017-3305 was published May 13, 2022
During a routine security analysis, it was found that one of the ports in Apache Impala ... High Unreviewed
CVE-2017-5652 was published May 13, 2022
The client-forwarder in Elastic Cloud Enterprise versions prior to 1.0.2 do not properly encrypt... Moderate Unreviewed
CVE-2017-8444 was published May 13, 2022
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue... Moderate Unreviewed
CVE-2017-7143 was published May 13, 2022
An Information Exposure issue was discovered in ProMinent MultiFLEX M10a Controller web interface... Moderate Unreviewed
CVE-2017-14009 was published May 13, 2022
In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, an undocumented, root... High Unreviewed
CVE-2017-5259 was published May 13, 2022
An issue was discovered in Enigmail before 1.9.9. A remote attacker can obtain cleartext content... Moderate Unreviewed
CVE-2017-17844 was published May 13, 2022
This vulnerability exists in the Meon KYC solutions due to transmission of sensitive data in... High Unreviewed
CVE-2025-42603 was published Apr 23, 2025
In Cilium, packets from terminating endpoints may not be encrypted in Wireguard-enabled clusters Moderate
CVE-2025-32793 was published for github.com/cilium/cilium (Go) Apr 21, 2025
julianwiedmann
In JetBrains Toolbox App before 2.6 unencrypted credential transmission during SSH authentication... Moderate Unreviewed
CVE-2025-43013 was published Apr 17, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database