GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,835
Composer 4,870
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,926
npm 4,126
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,021
Swift 39

Unreviewed advisories

All unreviewed 269,169

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

631 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

SaTECH BCU in its firmware version 2.1.3 uses the HTTP protocol. The use of the HTTP protocol for... Moderate Unreviewed

CVE-2025-2861 was published Mar 28, 2025

A protocol flaw vulnerability exists in the Xiaomi Mi Connect Service APP. The vulnerability is... Moderate Unreviewed

CVE-2024-45361 was published Mar 27, 2025

Incorrect Use of Privileged APIs, Cleartext Transmission of Sensitive Information, Insufficiently... Critical Unreviewed

CVE-2025-2311 was published Mar 20, 2025

In phpipam/phpipam version 1.5.1, the Secure attribute for sensitive cookies in HTTPS sessions is... Moderate Unreviewed

CVE-2024-10718 was published Mar 20, 2025

This issue was addressed by using HTTPS when sending information over the network. This issue is... High Unreviewed

CVE-2024-44276 was published Mar 17, 2025

The device uses an unencrypted, proprietary protocol for communication. Through this protocol,... High Unreviewed

CVE-2025-27594 was published Mar 14, 2025

Bitdefender Box, versions 1.3.11.490 through 1.3.11.505, uses the insecure HTTP protocol to... Critical Unreviewed

CVE-2024-13872 was published Mar 12, 2025

Secure flag not set and SameSIte was set to Lax in the Foreseer Reporting Software (FRS). Absence... Moderate Unreviewed

CVE-2025-22493 was published Mar 5, 2025

Lack of encryption in transit for cloud infrastructure facilitating potential for sensitive data... High Unreviewed

CVE-2025-24849 was published Feb 28, 2025

Bosscomm IF740 Firmware versions:11001.7078 & v11001.0000 and System versions: 6.25 & 6.00 were... Moderate Unreviewed

CVE-2025-25728 was published Feb 28, 2025

The administrative web interface of a Netgear C7800 Router running firmware version 6.01.07 (and... Critical Unreviewed

CVE-2022-41545 was published Feb 18, 2025

If Brocade Fabric OS before Fabric OS 9.2.0 configuration settings are not set to encrypt SNMP... Moderate Unreviewed

CVE-2024-5462 was published Feb 15, 2025

CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists that could result... High Unreviewed

CVE-2025-1060 was published Feb 13, 2025

In Progress® Telerik® Report Server, versions prior to 2025 Q1 (11.0.25.211) when using the older... High Unreviewed

CVE-2025-0556 was published Feb 12, 2025

Forever KidsWatch Call Me KW-50 R36_YDR_A3PW_GM7S_V1.0_2019_07_15_16.19.24_cob_h suffers from... High Unreviewed

CVE-2024-36558 was published Feb 6, 2025

Keycloak on Quarkus CLI option for encrypted JGroups ignored Moderate

CVE-2024-10973 was published for org.keycloak:keycloak-quarkus-server (Maven) Feb 5, 2025

IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 transmits sensitive or... Moderate Unreviewed

CVE-2024-43187 was published Feb 4, 2025

A vulnerability in HPE Aruba Networking ClearPass Policy Manager may, under certain circumstances... Moderate Unreviewed

CVE-2025-23060 was published Feb 4, 2025

IBM Security Verify Governance 10.0.2 Identity Manager can transmit user credentials in clear... Moderate Unreviewed

CVE-2023-35017 was published Jan 29, 2025

A Credential Exposure Vulnerability exists in the above-mentioned product and version. The... High Unreviewed

CVE-2025-0631 was published Jan 28, 2025

EWON Flexy 202 transmits user credentials in clear text with no encryption when a user is added,... Moderate Unreviewed

CVE-2025-0432 was published Jan 28, 2025

IBM QRadar SIEM 7.5 transmits sensitive or security-critical data in cleartext in a communication... Moderate Unreviewed

CVE-2024-28786 was published Jan 28, 2025

All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0 expose clear text... Moderate Unreviewed

CVE-2024-26155 was published Jan 17, 2025

The HI-SCAN 6040i Hitrax HX-03-19-I was discovered to transmit user credentials in cleartext over... Moderate Unreviewed

CVE-2024-48121 was published Jan 15, 2025

A privilege escalation vulnerability was discovered that could allow a valid, authenticated LXCA... Moderate Unreviewed

CVE-2024-45102 was published Jan 15, 2025

Previous 1…3…26 Next

Previous 1 2 3 4 5 … 25 26 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

631 advisories