GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,826
Composer 4,869
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,923
npm 4,122
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,020
Swift 39

Unreviewed advisories

All unreviewed 269,090

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

279 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

HCL BigFix SM is affected by a Sensitive Information Exposure vulnerability where internal... Moderate Unreviewed

CVE-2025-31972 was published Aug 28, 2025

In JetBrains IntelliJ IDEA before 2025.2 credentials disclosure was possible via remote reference Moderate Unreviewed

CVE-2025-57727 was published Aug 20, 2025

IBM Guardium Data Protection could allow a remote attacker to obtain sensitive information due to... Moderate Unreviewed

CVE-2025-36020 was published Aug 6, 2025

A vulnerability, which was classified as problematic, has been found in Comodo Dragon up to 134.0... Moderate Unreviewed

CVE-2025-8205 was published Jul 26, 2025

IBM Cognos Analytics Mobile (iOS) 1.1.0 through 1.1.22 could allow malicious actors to obtain... Moderate Unreviewed

CVE-2025-36107 was published Jul 21, 2025

A vulnerability was reported in version 1.0 of the Bluetooth Transmission Alliance protocol... Moderate Unreviewed

CVE-2025-2818 was published Jul 17, 2025

All communication between the VNC server and client(s) is unencrypted. This allows an attacker to... Moderate Unreviewed

CVE-2025-27457 was published Jul 3, 2025

IBM InfoSphere DataStage Flow Designer in IBM InfoSphere Information Server 11.7 discloses... Moderate Unreviewed

CVE-2025-36034 was published Jun 26, 2025

Kaleris NAVIS N4 ULC (Ultra Light Client) communicates insecurely using zlib-compressed data over... Moderate Unreviewed

CVE-2025-5087 was published Jun 24, 2025

Tinxy WiFi Lock Controller v1 RF was discovered to transmit sensitive information in plaintext,... Moderate Unreviewed

CVE-2025-44612 was published May 30, 2025

MedDream WEB DICOM Viewer Cleartext Transmission of Credentials Information Disclosure... Moderate Unreviewed

CVE-2025-3480 was published May 22, 2025

Using the AES-128-CCM algorithm for IPSec on certain Palo Alto Networks PAN-OS® firewalls (PA... Moderate Unreviewed

CVE-2025-0136 was published May 14, 2025

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions with... Moderate Unreviewed

CVE-2025-40583 was published May 13, 2025

An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. By default, a... Moderate Unreviewed

CVE-2025-32884 was published May 2, 2025

An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. By default, the... Moderate Unreviewed

CVE-2025-32881 was published May 2, 2025

In JetBrains Toolbox App before 2.6 unencrypted credential transmission during SSH authentication... Moderate Unreviewed

CVE-2025-43013 was published Apr 17, 2025

Arctera/Veritas Data Insight before 7.1.2 can send cleartext credentials when configured to use... Moderate Unreviewed

CVE-2025-43704 was published Apr 17, 2025

Cleartext transmission of sensitive information issue exists in Wi-Fi AP UNIT 'AC-WPS-11ac series... Moderate Unreviewed

CVE-2025-27722 was published Apr 9, 2025

SAP Commerce Cloud (Public Cloud) does not allow to disable unencrypted HTTP (port 80) entirely,... Moderate Unreviewed

CVE-2025-26654 was published Apr 8, 2025

SaTECH BCU in its firmware version 2.1.3 uses the HTTP protocol. The use of the HTTP protocol for... Moderate Unreviewed

CVE-2025-2861 was published Mar 28, 2025

A protocol flaw vulnerability exists in the Xiaomi Mi Connect Service APP. The vulnerability is... Moderate Unreviewed

CVE-2024-45361 was published Mar 27, 2025

In phpipam/phpipam version 1.5.1, the Secure attribute for sensitive cookies in HTTPS sessions is... Moderate Unreviewed

CVE-2024-10718 was published Mar 20, 2025

Secure flag not set and SameSIte was set to Lax in the Foreseer Reporting Software (FRS). Absence... Moderate Unreviewed

CVE-2025-22493 was published Mar 5, 2025

Bosscomm IF740 Firmware versions:11001.7078 & v11001.0000 and System versions: 6.25 & 6.00 were... Moderate Unreviewed

CVE-2025-25728 was published Feb 28, 2025

If Brocade Fabric OS before Fabric OS 9.2.0 configuration settings are not set to encrypt SNMP... Moderate Unreviewed

CVE-2024-5462 was published Feb 15, 2025

Previous1…12 Next

Previous 1 2 3 4 5 … 11 12 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

279 advisories