GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
19 advisories
QuickCMS sends password and login via GET Request. This allows a local attacker with access to...
Moderate | Unreviewed | CVE-2025-54542 was published Aug 28, 2025
An Information Exposure vulnerability has been identified in OpenText Enterprise Security Manager...
Moderate | Unreviewed | CVE-2025-8997 was published Aug 25, 2025
An authenticated arbitrary file download vulnerability in the component /admin/Backups.php of...
Moderate | Unreviewed | CVE-2025-51651 was published Jul 14, 2025
A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions), SIPROTEC 5 6MD85 ...
Moderate | Unreviewed | CVE-2025-40742 was published Jul 8, 2025
The application sends user credentials as URL parameters instead of POST bodies, making it...
Moderate | Unreviewed | CVE-2025-49188 was published Jun 12, 2025
Use of GET Request Method With Sensitive Query Strings vulnerability in Tridium Niagara Framework...
Moderate | Unreviewed | CVE-2025-3943 was published May 22, 2025
Use of GET Request Method With Sensitive Query Strings vulnerability in ABB ANC, ABB ANC-L, ABB...
Moderate | Unreviewed | CVE-2024-9877 was published Apr 30, 2025
In Kibana X-Pack security versions prior to 5.4.3 if a Kibana user opens a crafted Kibana URL the...
Moderate | Unreviewed | CVE-2017-8443 was published May 13, 2022
In JotUrl 2.0, passwords are sent via HTTP GET-type requests, potentially exposing credentials to...
Moderate | Unreviewed | CVE-2025-24948 was published Apr 15, 2025
A vulnerability was found in BlackVue App 3.65 on Android. It has been classified as problematic....
Moderate | Unreviewed | CVE-2025-2356 was published Mar 17, 2025
A Password Transmitted over Query String vulnerability has been found in Trivision Camera NC227WF...
Moderate | Unreviewed | CVE-2025-1738 was published Feb 27, 2025
Webkul QloApps v1.6.1 exposes authentication tokens in URLs during redirection. When users access...
Moderate | Unreviewed | CVE-2025-26058 was published Feb 18, 2025
A CWE-598 “Use of GET Request Method with Sensitive Query Strings” was discovered affecting the...
Moderate | Unreviewed | CVE-2024-12012 was published Feb 13, 2025
A vulnerability classified as problematic has been found in TP-Link TL-SG108E 1.0.0 Build...
Moderate | Unreviewed | CVE-2025-0730 was published Jan 27, 2025
IBM TXSeries for Multiplatforms 10.1 could allow an attacker to obtain sensitive information from...
Moderate | Unreviewed | CVE-2024-41738 was published Nov 1, 2024
Under certain circumstances the exacqVision Web Service can expose authentication token details...
Moderate | Unreviewed | CVE-2024-32931 was published Aug 2, 2024
IBM InfoSphere Information Server 11.7 returns sensitive information in URL information that...
Moderate | Unreviewed | CVE-2023-50954 was published Jun 30, 2024
NVIDIA Omniverse Workstation Launcher for Windows and Linux contains a vulnerability in the...
Moderate | Unreviewed | CVE-2023-25524 was published Aug 3, 2023
Dell PowerScale OneFS versions 8.2.2 - 9.1.0.x contain a use of get request method with sensitive...
Moderate | Unreviewed | CVE-2021-21594 was published May 24, 2022