GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
144 advisories
Missing Encryption of Sensitive Data (CWE-311) in the Object Archive component in AxxonSoft Axxon...
Moderate
Unreviewed
CVE-2025-10227
was published
Sep 10, 2025
Milestone Systems has discovered a security vulnerability in Milestone XProtect installer that...
Moderate
Unreviewed
CVE-2025-1688
was published
Apr 15, 2025
HCL BigFix SM is affected by cryptographic weakness due to weak or outdated encryption algorithms...
Moderate
Unreviewed
CVE-2025-31977
was published
Aug 28, 2025
A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >=...
Moderate
Unreviewed
CVE-2024-41982
was published
Aug 12, 2025
A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions < V5.6.0), RUGGEDCOM ROS...
Moderate
Unreviewed
CVE-2021-37209
was published
Mar 9, 2022
A privacy issue was addressed by removing the vulnerable code. This issue is fixed in macOS...
Moderate
Unreviewed
CVE-2025-43274
was published
Jul 30, 2025
Lack of sensitive data encryption in CapillaryScope v2.5.0 of Capillary io, which stores both the...
Moderate
Unreviewed
CVE-2025-40680
was published
Jul 25, 2025
IBM Engineering Systems Design Rhapsody 9.0.2, 10.0, and 10.0.1 transmits sensitive information...
Moderate
Unreviewed
CVE-2025-33020
was published
Jul 23, 2025
IBM Cognos Analytics Mobile (iOS) 1.1.0 through 1.1.22 could be vulnerable to information...
Moderate
Unreviewed
CVE-2025-36062
was published
Jul 21, 2025
Medtronic N'Vision Clinician Programmer 8840 N'Vision Clinician Programmer, all versions, and...
Moderate
Unreviewed
CVE-2018-8849
was published
May 13, 2022
Medtronic CareLink 2090 Programmer CareLink 9790 Programmer 29901 Encore Programmer, all versions...
Moderate
Unreviewed
CVE-2018-18984
was published
May 13, 2022
Medtronic N'Vision Clinician Programmer 8840 N'Vision Clinician Programmer, all versions, and...
Moderate
Unreviewed
CVE-2018-10631
was published
May 13, 2022
The Google I/O 2017 application before 5.1.4 for Android downloads multiple .json files from http...
Moderate
Unreviewed
CVE-2017-9045
was published
May 13, 2022
In PostgreSQL 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6...
Moderate
Unreviewed
CVE-2017-7485
was published
May 13, 2022
The L2TP Client in MikroTik RouterOS versions 6.83.3 and 6.37.4 does not enable IPsec encryption...
Moderate
Unreviewed
CVE-2017-6297
was published
May 13, 2022
IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.36 iFix1, 2...
Moderate
Unreviewed
CVE-2023-37405
was published
Mar 27, 2025
When saving HSTS data to an excessively long file name, curl could end up removing all contents,...
Moderate
Unreviewed
CVE-2023-46219
was published
Dec 12, 2023
CVE-2024-40620 IMPACT: A vulnerability exists in the affected product due to lack of encryption...
Moderate
Unreviewed
CVE-2024-40620
was published
Aug 14, 2024
IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI could allow a remote...
Moderate
Unreviewed
CVE-2024-38325
was published
Jan 27, 2025
IBM Concert Software 1.0.0 and 1.0.1 could allow a remote attacker to obtain sensitive...
Moderate
Unreviewed
CVE-2024-41757
was published
Jan 24, 2025
Synology DiskStation Manager (DSM) before 6.2.3-25426-2 does not set the Secure flag for the...
Moderate
Unreviewed
CVE-2020-27650
was published
May 24, 2022
On Arista CloudVision Appliance (CVA) affected releases running on appliances that support...
Moderate
Unreviewed
CVE-2024-7142
was published
Jan 11, 2025
IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.6.0 could allow a remote attacker to...
Moderate
Unreviewed
CVE-2021-39090
was published
Feb 29, 2024
AXIS OS 11.0.X - 11.3.x use a static RSA key in legacy LUA-components to protect Axis-specific...
Moderate
Unreviewed
CVE-2023-21404
was published
May 8, 2023
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE)...
Moderate
Unreviewed
CVE-2024-20515
was published
Oct 2, 2024