Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

631 advisories

Loading
Issue in my product in blah version x on y allows bad person to break Critical Unreviewed
CVE-2025-4475 was published May 8, 2025
Free5gc v3.2.1 is vulnerable to Information disclosure. Low Unreviewed
CVE-2022-38870 was published Oct 25, 2022
Cleartext Transmission of Sensitive Information vulnerability in Crestron Automate VX allows... Critical Unreviewed
CVE-2025-47419 was published May 6, 2025
Sensitive information accessible by physical probing of JTAG interface for some Intel(R)... Low Unreviewed
CVE-2022-0005 was published May 13, 2022
An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. A command... High Unreviewed
CVE-2025-32887 was published May 2, 2025
An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. By default, a... Moderate Unreviewed
CVE-2025-32884 was published May 2, 2025
An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. By default, the... Moderate Unreviewed
CVE-2025-32881 was published May 2, 2025
Insecure key exchange between Delinea PAM Secret Server 11.4 and the Distributed Engine 8.4.3... Moderate Unreviewed
CVE-2024-25650 was published Mar 14, 2024
PC Keyboard WiFi & Bluetooth allows an attacker (in a man-in-the-middle position between the... Moderate Unreviewed
CVE-2022-45480 was published Dec 2, 2022
Lazy Mouse allows an attacker (in a man in the middle position between the server and a connected... Moderate Unreviewed
CVE-2022-45483 was published Dec 2, 2022
IBM InfoSphere Information Server 11.7 DataStage Flow Designer  transmits sensitive information... Low Unreviewed
CVE-2025-25046 was published Apr 24, 2025
Telepad allows an attacker (in a man-in-the-middle position between the server and a connected... Moderate Unreviewed
CVE-2022-45478 was published Dec 5, 2022
In JetBrains Toolbox App before 2.6 unencrypted credential transmission during SSH authentication... Moderate Unreviewed
CVE-2025-43013 was published Apr 17, 2025
In Cilium, packets from terminating endpoints may not be encrypted in Wireguard-enabled clusters Moderate
CVE-2025-32793 was published for github.com/cilium/cilium (Go) Apr 21, 2025
julianwiedmann
This vulnerability exists in the Meon KYC solutions due to transmission of sensitive data in... High Unreviewed
CVE-2025-42603 was published Apr 23, 2025
An issue was discovered in Enigmail before 1.9.9. A remote attacker can obtain cleartext content... Moderate Unreviewed
CVE-2017-17844 was published May 13, 2022
In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, an undocumented, root... High Unreviewed
CVE-2017-5259 was published May 13, 2022
An Information Exposure issue was discovered in ProMinent MultiFLEX M10a Controller web interface... Moderate Unreviewed
CVE-2017-14009 was published May 13, 2022
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue... Moderate Unreviewed
CVE-2017-7143 was published May 13, 2022
The client-forwarder in Elastic Cloud Enterprise versions prior to 1.0.2 do not properly encrypt... Moderate Unreviewed
CVE-2017-8444 was published May 13, 2022
During a routine security analysis, it was found that one of the ports in Apache Impala ... High Unreviewed
CVE-2017-5652 was published May 13, 2022
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: C API).... Moderate Unreviewed
CVE-2017-3305 was published May 13, 2022
An issue was discovered in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718),... High Unreviewed
CVE-2023-31300 was published Dec 29, 2023
Arctera/Veritas Data Insight before 7.1.2 can send cleartext credentials when configured to use... Moderate Unreviewed
CVE-2025-43704 was published Apr 17, 2025
Insights for Vulnerability Remediation (IVR) is vulnerable to man-in-the-middle attacks that may... Moderate Unreviewed
CVE-2022-42454 was published Dec 21, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database