Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

631 advisories

Loading
An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. A command... High Unreviewed
CVE-2025-32887 was published May 2, 2025
An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. By default, a... Moderate Unreviewed
CVE-2025-32884 was published May 2, 2025
Sensitive information accessible by physical probing of JTAG interface for some Intel(R)... Low Unreviewed
CVE-2022-0005 was published May 13, 2022
Cleartext Transmission of Sensitive Information vulnerability in Crestron Automate VX allows... Critical Unreviewed
CVE-2025-47419 was published May 6, 2025
Free5gc v3.2.1 is vulnerable to Information disclosure. Low Unreviewed
CVE-2022-38870 was published Oct 25, 2022
On affected platforms running Arista EOS with secure Vxlan configured, restarting the Tunnelsec... Critical Unreviewed
CVE-2024-12378 was published May 8, 2025
Issue in my product in blah version x on y allows bad person to break Critical Unreviewed
CVE-2025-4475 was published May 8, 2025
The Pixmeo Osirix MD Web Portal sends credential information without encryption, which could... Critical Unreviewed
CVE-2025-27720 was published May 9, 2025
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions with... Moderate Unreviewed
CVE-2025-40583 was published May 13, 2025
Using the AES-128-CCM algorithm for IPSec on certain Palo Alto Networks PAN-OS® firewalls (PA... Moderate Unreviewed
CVE-2025-0136 was published May 14, 2025
Medtronic MMT 508 MiniMed insulin pump, 522 / MMT - 722 Paradigm REAL-TIME, 523 / MMT - 723... Moderate Unreviewed
CVE-2018-10634 was published May 13, 2022
This issue was addressed by using HTTPS when sending information over the network. This issue is... Moderate Unreviewed
CVE-2022-32857 was published Aug 25, 2022
An issue was discovered in the RCDevs OpenOTP app 1.4.13 and 1.4.14 for iOS. If it is installed... Moderate Unreviewed
CVE-2021-42111 was published May 24, 2022
Tinxy WiFi Lock Controller v1 RF was discovered to transmit sensitive information in plaintext,... Moderate Unreviewed
CVE-2025-44612 was published May 30, 2025
ispdbservice.cpp in KDE Kmail before 6.2.0 allows man-in-the-middle attackers to trigger use of... Moderate Unreviewed
CVE-2024-50624 was published Oct 28, 2024
Sametime is impacted by sensitive information passed in URL. Low Unreviewed
CVE-2023-45716 was published Feb 10, 2024
In certain cases, SNI could have been sent unencrypted even when encrypted DNS was enabled. This... High Unreviewed
CVE-2025-5270 was published May 27, 2025
All communication with the REST API is unencrypted (HTTP), allowing an attacker to intercept... High Unreviewed
CVE-2025-49183 was published Jun 12, 2025
The server supports authentication methods in which credentials are sent in plaintext over... High Unreviewed
CVE-2025-49194 was published Jun 12, 2025
The Trend Controls IC protocol through 2022-05-06 allows Cleartext Transmission of Sensitive... Moderate Unreviewed
CVE-2022-30312 was published Sep 8, 2022
The POPS! Rebel application 5.0 for Android, in POPS! Rebel Bluetooth Glucose Monitoring System,... Moderate Unreviewed
CVE-2023-46447 was published Jan 20, 2024
An issue in CloudClassroom PHP Project v.1.0 allows a remote attacker to execute arbitrary code... Critical Unreviewed
CVE-2025-26199 was published Jun 18, 2025
Kaleris NAVIS N4 ULC (Ultra Light Client) communicates insecurely using zlib-compressed data over... Moderate Unreviewed
CVE-2025-5087 was published Jun 24, 2025
IBM InfoSphere DataStage Flow Designer in IBM InfoSphere Information Server 11.7 discloses... Moderate Unreviewed
CVE-2025-36034 was published Jun 26, 2025
Cleartext Transmission of Sensitive Information, Use of Hard-coded Credentials vulnerability in... Critical Unreviewed
CVE-2025-4378 was published Jun 26, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database