Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

263 advisories

Loading
Missing Encryption of Sensitive Data (CWE-311) in the Object Archive component in AxxonSoft Axxon... Moderate Unreviewed
CVE-2025-10227 was published Sep 10, 2025
HCL BigFix SM is affected by cryptographic weakness due to weak or outdated encryption algorithms... Moderate Unreviewed
CVE-2025-31977 was published Aug 28, 2025
Ambiguous wording in the web interface of the ctrlX OS setup mechanism could lead the user to... High Unreviewed
CVE-2025-48862 was published Aug 14, 2025
A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >=... Moderate Unreviewed
CVE-2024-41982 was published Aug 12, 2025
A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >=... Low Unreviewed
CVE-2024-41980 was published Aug 12, 2025
pyjwt v2.10.1 was discovered to contain weak encryption. High Unreviewed
CVE-2025-45768 was published Jul 31, 2025
A privacy issue was addressed by removing the vulnerable code. This issue is fixed in macOS... Moderate Unreviewed
CVE-2025-43274 was published Jul 30, 2025
Lack of sensitive data encryption in CapillaryScope v2.5.0 of Capillary io, which stores both the... Moderate Unreviewed
CVE-2025-40680 was published Jul 25, 2025
IBM Engineering Systems Design Rhapsody 9.0.2, 10.0, and 10.0.1 transmits sensitive information... Moderate Unreviewed
CVE-2025-33020 was published Jul 23, 2025
IBM Cognos Analytics Mobile (iOS) 1.1.0 through 1.1.22 could be vulnerable to information... Moderate Unreviewed
CVE-2025-36062 was published Jul 21, 2025
An issue was discovered in Kaseya Rapid Fire Tools Network Detective through 2.0.16.0. A... High Unreviewed
CVE-2025-32874 was published Jul 16, 2025
git-annex had a bug in the S3 and Glacier remotes where if embedcreds=yes was set, and the remote... High Unreviewed
CVE-2014-6274 was published Jun 26, 2025
A vulnerability has been identified in SIRIUS 3RK3 Modular Safety System (MSS) (All versions),... High Unreviewed
CVE-2025-24008 was published May 13, 2025
Milestone Systems has discovered a security vulnerability in Milestone XProtect installer that... Moderate Unreviewed
CVE-2025-1688 was published Apr 15, 2025
IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.36 iFix1, 2... Moderate Unreviewed
CVE-2023-37405 was published Mar 27, 2025
A local user may find a configuration file on the client workstation with unencrypted sensitive... High Unreviewed
CVE-2024-23942 was published Mar 18, 2025
IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI could allow a remote... Moderate Unreviewed
CVE-2024-38325 was published Jan 27, 2025
IBM Concert Software 1.0.0 and 1.0.1 could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2024-41757 was published Jan 24, 2025
On Arista CloudVision Appliance (CVA) affected releases running on appliances that support... Moderate Unreviewed
CVE-2024-7142 was published Jan 11, 2025
Wapro ERP Desktop is vulnerable to MS SQL protocol downgrade request from a server side, what... Critical Unreviewed
CVE-2024-4995 was published Dec 18, 2024
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE)... Moderate Unreviewed
CVE-2024-20515 was published Oct 2, 2024
Missing encryption of sensitive data vulnerability in login component in Synology Active Backup... Moderate Unreviewed
CVE-2023-52950 was published Sep 26, 2024
Missing encryption of sensitive data vulnerability in settings functionality in Synology Active... Moderate Unreviewed
CVE-2023-52948 was published Sep 26, 2024
Credentials to access device configuration were transmitted using an unencrypted protocol. These... High Unreviewed
CVE-2024-42495 was published Sep 6, 2024
A vulnerability in Cisco Duo Epic for Hyperdrive could allow an authenticated, local attacker to... Moderate Unreviewed
CVE-2024-20503 was published Sep 4, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database