Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

193 advisories

Loading
The MOD3 command traffic between the monitoring application and the inverter is transmitted in... High Unreviewed
CVE-2025-52586 was published Aug 8, 2025
Due to an unsecure default configuration HTTP is used instead of HTTPS for the web interface. An... High Unreviewed
CVE-2025-41708 was published Sep 8, 2025
Aikaan IoT management platform v3.25.0325-5-g2e9c59796 sends a newly generated password to users... High Unreviewed
CVE-2025-52351 was published Aug 21, 2025
The StrongDM Client insufficiently protected a pre-authentication token. Attackers could exploit... High Unreviewed
CVE-2025-6180 was published Aug 20, 2025
YugabyteDB diagnostic information was transmitted over HTTP, which could expose sensitive data... High Unreviewed
CVE-2025-8863 was published Aug 11, 2025
An issue was discovered in Couchbase Sync Gateway before 3.2.6. In sgcollect_info_options.log and... High Unreviewed
CVE-2025-52490 was published Jul 29, 2025
DuraComm SPM-500 DP-10iN-100-MU transmits sensitive data without encryption over a channel that... High Unreviewed
CVE-2025-53703 was published Jul 23, 2025
This vulnerability exists in Digisol DG-GR6821AC Router due to cleartext transmission of... High Unreviewed
CVE-2025-53756 was published Jul 16, 2025
Ecovacs Deebot T10 1.7.2 transmits Wi-Fi credentials in cleartext during the pairing process. High Unreviewed
CVE-2025-44251 was published Jul 10, 2025
YONO SBI: Banking & Lifestyle v1.23.36 was discovered to use unencrypted communicatons, possibly... High Unreviewed
CVE-2025-45080 was published Jul 1, 2025
All communication with the REST API is unencrypted (HTTP), allowing an attacker to intercept... High Unreviewed
CVE-2025-49183 was published Jun 12, 2025
The server supports authentication methods in which credentials are sent in plaintext over... High Unreviewed
CVE-2025-49194 was published Jun 12, 2025
In certain cases, SNI could have been sent unencrypted even when encrypted DNS was enabled. This... High Unreviewed
CVE-2025-5270 was published May 27, 2025
An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. A command... High Unreviewed
CVE-2025-32887 was published May 2, 2025
This vulnerability exists in the Meon KYC solutions due to transmission of sensitive data in... High Unreviewed
CVE-2025-42603 was published Apr 23, 2025
In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, an undocumented, root... High Unreviewed
CVE-2017-5259 was published May 13, 2022
During a routine security analysis, it was found that one of the ports in Apache Impala ... High Unreviewed
CVE-2017-5652 was published May 13, 2022
An issue was discovered in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718),... High Unreviewed
CVE-2023-31300 was published Dec 29, 2023
When clicking on a tel: link, USSD codes, specified after a <code>\*</code> character, would be... High Unreviewed
CVE-2022-22758 was published Dec 22, 2022
Couchbase Server before 6.6.6, 7.x before 7.0.5, and 7.1.x before 7.1.2 exposes Sensitive... High Unreviewed
CVE-2023-25016 was published Feb 6, 2023
This issue was addressed by using HTTPS when sending information over the network. This issue is... High Unreviewed
CVE-2024-44276 was published Mar 17, 2025
Information Disclosure in Authentication Component of ScreenCheck BadgeMaker 2.6.2.0 application... High Unreviewed
CVE-2022-45546 was published Feb 15, 2023
The device uses an unencrypted, proprietary protocol for communication. Through this protocol,... High Unreviewed
CVE-2025-27594 was published Mar 14, 2025
Lack of encryption in transit for cloud infrastructure facilitating potential for sensitive data... High Unreviewed
CVE-2025-24849 was published Feb 28, 2025
CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists that could result... High Unreviewed
CVE-2025-1060 was published Feb 13, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database