Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

50 advisories

Loading
github.com/go-acme/lego/v4/acme/api does not enforce HTTPS Low
CVE-2025-54799 was published for github.com/go-acme/lego (Go) Aug 6, 2025
songgao chrisnojima
AMarcedone
HCL IEM is affected by a password in cleartext vulnerability.  Sensitive information is... Low Unreviewed
CVE-2025-0252 was published Jul 25, 2025
HCL IEM is affected by an authorization token sent in cookie vulnerability.  A token used for... Low Unreviewed
CVE-2025-0250 was published Jul 25, 2025
A flaw was found in Ansible. Sensitive cookies without security flags over non-encrypted channels... Low Unreviewed
CVE-2025-53861 was published Jul 11, 2025
An improper access control vulnerability in the Endpoint Traffic Policy Enforcement https://docs... Low Unreviewed
CVE-2025-4227 was published Jun 13, 2025
IBM InfoSphere Information Server 11.7 DataStage Flow Designer  transmits sensitive information... Low Unreviewed
CVE-2025-25046 was published Apr 24, 2025
A vulnerability classified as problematic has been found in Consumer Comanda Mobile up to 14.9.3... Low Unreviewed
CVE-2025-3329 was published Apr 7, 2025
HCL MyXalytics is affected by a cleartext transmission of sensitive information vulnerability. ... Low Unreviewed
CVE-2024-42181 was published Jan 13, 2025
iXsystems TrueNAS CORE fetch_plugin_packagesites tar Cleartext Transmission of Sensitive... Low Unreviewed
CVE-2024-11946 was published Dec 30, 2024
IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 could allow a remote... Low Unreviewed
CVE-2024-49820 was published Dec 17, 2024
Webservice API endpoints for Assisted Service Module within SAP Commerce Cloud has information... Low Unreviewed
CVE-2024-47577 was published Dec 10, 2024
Moodle authorization headers preserved between "emulated redirects" Low
CVE-2024-43432 was published for moodle/moodle (Composer) Nov 11, 2024
A bug in query analysis of certain complex self-referential $lookup subpipelines may result in... Low Unreviewed
CVE-2024-8013 was published Oct 28, 2024
The goTenna Pro ATAK Plugin does not encrypt the callsigns of its users. These callsigns reveal... Low Unreviewed
CVE-2024-45838 was published Sep 26, 2024
The goTenna pro series does not encrypt the callsigns of its users. These callsigns reveal... Low Unreviewed
CVE-2024-47124 was published Sep 26, 2024
[PUNCIA] [CWE-319] Cleartext Transmission of Sensitive Information via HTTP urls in `API_URLS` Low
CVE-2024-41124 was published for puncia (pip) Jul 19, 2024
SCH227 g147
Sametime is impacted by sensitive information passed in URL. Low Unreviewed
CVE-2023-45716 was published Feb 10, 2024
A vulnerability has been identified in COMOS (All versions < V10.4.4). Caching system in the... Low Unreviewed
CVE-2023-43503 was published Nov 14, 2023
A vulnerability has been identified in PT-G503 Series firmware versions prior to v5.2, where the... Low Unreviewed
CVE-2023-5035 was published Nov 2, 2023
A vulnerability was found in Delta Electronics WPLSoft 2.51. It has been classified as... Low Unreviewed
CVE-2023-5461 was published Oct 9, 2023
A vulnerability was found in Intergard SGS 8.7.0. It has been declared as problematic. This... Low Unreviewed
CVE-2023-3763 was published Jul 19, 2023
A vulnerability was found in Intergard SGS 8.7.0 and classified as problematic. Affected by this... Low Unreviewed
CVE-2023-3761 was published Jul 19, 2023
An insecure connection between Systems Manager and CQI Reporter application could expose infusion... Low Unreviewed
CVE-2023-30565 was published Jul 13, 2023
Free5gc v3.2.1 is vulnerable to Information disclosure. Low Unreviewed
CVE-2022-38870 was published Oct 25, 2022
On specific hardware platforms, on BIG-IP versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.7,... Low Unreviewed
CVE-2022-41983 was published Oct 20, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database