Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

181 advisories

Loading
In certain cases, SNI could have been sent unencrypted even when encrypted DNS was enabled. This... High Unreviewed
CVE-2025-5270 was published May 27, 2025
An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. A command... High Unreviewed
CVE-2025-32887 was published May 2, 2025
This vulnerability exists in the Meon KYC solutions due to transmission of sensitive data in... High Unreviewed
CVE-2025-42603 was published Apr 23, 2025
In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, an undocumented, root... High Unreviewed
CVE-2017-5259 was published May 13, 2022
During a routine security analysis, it was found that one of the ports in Apache Impala ... High Unreviewed
CVE-2017-5652 was published May 13, 2022
An issue was discovered in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718),... High Unreviewed
CVE-2023-31300 was published Dec 29, 2023
When clicking on a tel: link, USSD codes, specified after a <code>\*</code> character, would be... High Unreviewed
CVE-2022-22758 was published Dec 22, 2022
Couchbase Server before 6.6.6, 7.x before 7.0.5, and 7.1.x before 7.1.2 exposes Sensitive... High Unreviewed
CVE-2023-25016 was published Feb 6, 2023
This issue was addressed by using HTTPS when sending information over the network. This issue is... High Unreviewed
CVE-2024-44276 was published Mar 17, 2025
Information Disclosure in Authentication Component of ScreenCheck BadgeMaker 2.6.2.0 application... High Unreviewed
CVE-2022-45546 was published Feb 15, 2023
The device uses an unencrypted, proprietary protocol for communication. Through this protocol,... High Unreviewed
CVE-2025-27594 was published Mar 14, 2025
Lack of encryption in transit for cloud infrastructure facilitating potential for sensitive data... High Unreviewed
CVE-2025-24849 was published Feb 28, 2025
CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists that could result... High Unreviewed
CVE-2025-1060 was published Feb 13, 2025
In Progress® Telerik® Report Server, versions prior to 2025 Q1 (11.0.25.211) when using the older... High Unreviewed
CVE-2025-0556 was published Feb 12, 2025
Forever KidsWatch Call Me KW-50 R36_YDR_A3PW_GM7S_V1.0_2019_07_15_16.19.24_cob_h suffers from... High Unreviewed
CVE-2024-36558 was published Feb 6, 2025
In Brocade SANnav, before Brocade SANnav v2.3.0, syslog traffic received clear text. This could... High Unreviewed
CVE-2024-4161 was published Apr 25, 2024
The myMail app through 14.30 for iOS sends cleartext credentials in a situation where STARTTLS is... High Unreviewed
CVE-2023-32290 was published May 7, 2023
A Credential Exposure Vulnerability exists in the above-mentioned product and version. The... High Unreviewed
CVE-2025-0631 was published Jan 28, 2025
Web browser interface may manipulate application username/password in clear text or Base64... High Unreviewed
CVE-2024-6515 was published Dec 5, 2024
A vulnerability in a weak JWT token in Watcharr v1.43.0 and below allows attackers to perform... High Unreviewed
CVE-2024-50634 was published Nov 8, 2024
An issue was discovered on certain Nuki Home Solutions devices. The HTTP API exposed by a Bridge... High Unreviewed
CVE-2022-32510 was published May 14, 2024
An issue in YESCAM (com.yescom.YesCam.zwave) 1.0.2 allows a remote attacker to obtain sensitive... High Unreviewed
CVE-2024-48788 was published Oct 11, 2024
Hitron Technologies CODA-5310’s Telnet function transfers sensitive data in plaintext. An... High Unreviewed
CVE-2023-30602 was published Jul 6, 2023
The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 discloses... High Unreviewed
CVE-2024-7713 was published Sep 27, 2024
** UNSUPPORTED WHEN ASSIGNED ** This vulnerability exists in D3D Security IP Camera due to usage... High Unreviewed
CVE-2024-47789 was published Oct 4, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database