Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

45 advisories

Loading
The Sante PACS Server Web Portal sends credential information without encryption. Critical Unreviewed
CVE-2025-54156 was published Aug 19, 2025
Cleartext Transmission of Sensitive Information, Use of Hard-coded Credentials vulnerability in... Critical Unreviewed
CVE-2025-4378 was published Jun 26, 2025
An issue was discovered on COROS PACE 3 devices through 3.0808.0. It implements a function to... Critical Unreviewed
CVE-2025-32880 was published Jun 20, 2025
An issue in CloudClassroom PHP Project v.1.0 allows a remote attacker to execute arbitrary code... Critical Unreviewed
CVE-2025-26199 was published Jun 18, 2025
The Pixmeo Osirix MD Web Portal sends credential information without encryption, which could... Critical Unreviewed
CVE-2025-27720 was published May 9, 2025
Issue in my product in blah version x on y allows bad person to break Critical Unreviewed
CVE-2025-4475 was published May 8, 2025
On affected platforms running Arista EOS with secure Vxlan configured, restarting the Tunnelsec... Critical Unreviewed
CVE-2024-12378 was published May 8, 2025
Cleartext Transmission of Sensitive Information vulnerability in Crestron Automate VX allows... Critical Unreviewed
CVE-2025-47419 was published May 6, 2025
Incorrect Use of Privileged APIs, Cleartext Transmission of Sensitive Information, Insufficiently... Critical Unreviewed
CVE-2025-2311 was published Mar 20, 2025
Bitdefender Box, versions 1.3.11.490 through 1.3.11.505, uses the insecure HTTP protocol to... Critical Unreviewed
CVE-2024-13872 was published Mar 12, 2025
The administrative web interface of a Netgear C7800 Router running firmware version 6.01.07 (and... Critical Unreviewed
CVE-2022-41545 was published Feb 18, 2025
Improper data protection on the ventilator's serial interface could allow an attacker to send and... Critical Unreviewed
CVE-2024-9834 was published Nov 14, 2024
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly... Critical Unreviewed
CVE-2024-38891 was published Aug 2, 2024
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All... Critical Unreviewed
CVE-2024-30209 was published May 14, 2024
An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can... Critical Unreviewed
CVE-2024-25735 was published Mar 27, 2024
DELL ESI (Enterprise Storage Integrator) for SAP LAMA, version 10.0, contains an information... Critical Unreviewed
CVE-2023-39245 was published Feb 15, 2024
The affected devices transmit sensitive information unencrypted allowing a remote unauthenticated... Critical Unreviewed
CVE-2023-39172 was published Dec 7, 2023
Privilege Escalation in the "GetUserCurrentPwd" function in Microworld Technologies eScan... Critical Unreviewed
CVE-2023-33730 was published May 31, 2023
A CWE-319: Cleartext transmission of sensitive information vulnerability exists that could cause... Critical Unreviewed
CVE-2022-46680 was published May 22, 2023
Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 does not defend against physical... Critical Unreviewed
CVE-2023-30354 was published May 10, 2023
Last Yard 22.09.8-1 does not enforce HSTS headers Critical Unreviewed
CVE-2022-47714 was published Feb 1, 2023
Communication between the client and the server application of the affected products is partially... Critical Unreviewed
CVE-2022-3929 was published Jan 6, 2023
A vulnerability has been identified in SICAM PAS/PQS (All versions < V7.0). Affected software... Critical Unreviewed
CVE-2022-43724 was published Dec 13, 2022
Cleartext Transmission of Sensitive Information vulnerability due to the use of Basic... Critical Unreviewed
CVE-2022-33321 was published Nov 9, 2022
Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0... Critical Unreviewed
CVE-2022-34371 was published Sep 3, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database