GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed 5,000+
Composer 4,870
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,000+
npm 4,126
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,021
Swift 39
Unreviewed advisories
All unreviewed 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
279 advisories
HCL BigFix SM is affected by a Sensitive Information Exposure vulnerability where internal...
Moderate
Unreviewed
CVE-2025-31972 was published Aug 28, 2025
Windows Defender Credential Guard Information Disclosure Vulnerability. This CVE ID is unique...
Moderate
Unreviewed
CVE-2022-34704 was published Aug 10, 2022
Marco Trevisan discovered that the Ubuntu Advantage Desktop Daemon, before version 1.12, leaks...
Moderate
Unreviewed
CVE-2024-6388 was published Jun 27, 2024
In JetBrains IntelliJ IDEA before 2025.2 credentials disclosure was possible via remote reference
Moderate
Unreviewed
CVE-2025-57727 was published Aug 20, 2025
MedDream WEB DICOM Viewer Cleartext Transmission of Credentials Information Disclosure...
Moderate
Unreviewed
CVE-2025-3480 was published May 22, 2025
IBM Guardium Data Protection could allow a remote attacker to obtain sensitive information due to...
Moderate
Unreviewed
CVE-2025-36020 was published Aug 6, 2025
A vulnerability, which was classified as problematic, has been found in Comodo Dragon up to 134.0...
Moderate
Unreviewed
CVE-2025-8205 was published Jul 26, 2025
Plain text credentials and session ID can be captured with a network sniffer.
Moderate
Unreviewed
CVE-2024-37183 was published Jun 21, 2024
IBM Cognos Analytics Mobile (iOS) 1.1.0 through 1.1.22 could allow malicious actors to obtain...
Moderate
Unreviewed
CVE-2025-36107 was published Jul 21, 2025
A vulnerability was reported in version 1.0 of the Bluetooth Transmission Alliance protocol...
Moderate
Unreviewed
CVE-2025-2818 was published Jul 17, 2025
All communication between the VNC server and client(s) is unencrypted. This allows an attacker to...
Moderate
Unreviewed
CVE-2025-27457 was published Jul 3, 2025
Cleartext transmission of sensitive information vulnerability exists in multiple IDEC PLCs. If an...
Moderate
Unreviewed
CVE-2024-41927 was published Sep 4, 2024
In phpipam/phpipam version 1.5.1, the Secure attribute for sensitive cookies in HTTPS sessions is...
Moderate
Unreviewed
CVE-2024-10718 was published Mar 20, 2025
IBM InfoSphere DataStage Flow Designer in IBM InfoSphere Information Server 11.7 discloses...
Moderate
Unreviewed
CVE-2025-36034 was published Jun 26, 2025
Kaleris NAVIS N4 ULC (Ultra Light Client) communicates insecurely using zlib-compressed data over...
Moderate
Unreviewed
CVE-2025-5087 was published Jun 24, 2025
The POPS! Rebel application 5.0 for Android, in POPS! Rebel Bluetooth Glucose Monitoring System,...
Moderate
Unreviewed
CVE-2023-46447 was published Jan 20, 2024
The Trend Controls IC protocol through 2022-05-06 allows Cleartext Transmission of Sensitive...
Moderate
Unreviewed
CVE-2022-30312 was published Sep 8, 2022
ispdbservice.cpp in KDE Kmail before 6.2.0 allows man-in-the-middle attackers to trigger use of...
Moderate
Unreviewed
CVE-2024-50624 was published Oct 28, 2024
Tinxy WiFi Lock Controller v1 RF was discovered to transmit sensitive information in plaintext,...
Moderate
Unreviewed
CVE-2025-44612 was published May 30, 2025
An issue was discovered in the RCDevs OpenOTP app 1.4.13 and 1.4.14 for iOS. If it is installed...
Moderate
Unreviewed
CVE-2021-42111 was published May 24, 2022
This issue was addressed by using HTTPS when sending information over the network. This issue is...
Moderate
Unreviewed
CVE-2022-32857 was published Aug 25, 2022
Medtronic MMT 508 MiniMed insulin pump, 522 / MMT - 722 Paradigm REAL-TIME, 523 / MMT - 723...
Moderate
Unreviewed
CVE-2018-10634 was published May 13, 2022
Using the AES-128-CCM algorithm for IPSec on certain Palo Alto Networks PAN-OS® firewalls (PA...
Moderate
Unreviewed
CVE-2025-0136 was published May 14, 2025
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions with...
Moderate
Unreviewed
CVE-2025-40583 was published May 13, 2025
An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. By default, a...
Moderate
Unreviewed
CVE-2025-32884 was published May 2, 2025
ProTip! Advisories are also available from the GraphQL API.