GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
260 advisories
Filter by severity
Vilo 5 Mesh WiFi System <= 5.16.1.33 is vulnerable to Information Disclosure. An information leak...
Moderate
Unreviewed
CVE-2024-40090
was published
Oct 21, 2024
Taipy has a Session Cookie without Secure and HTTPOnly flags
Moderate
CVE-2024-47833
was published
for
taipy
(pip)
Aug 27, 2024
Cleartext transmission of sensitive information in acep-collector service. The following products...
Moderate
Unreviewed
CVE-2024-49387
was published
Oct 15, 2024
A flaw was found in Event-Driven Automation (EDA) in Ansible Automation Platform (AAP), which...
Moderate
Unreviewed
CVE-2024-9620
was published
Oct 8, 2024
"IBM Robotic Process Automation 21.0.1 and 21.0.2 could disclose sensitive version information...
Moderate
Unreviewed
CVE-2022-38710
was published
Nov 4, 2022
IBM Concert 1.0 does not set the secure attribute on authorization tokens or session cookies....
Moderate
Unreviewed
CVE-2024-43180
was published
Sep 13, 2024
Cleartext transmission of sensitive information vulnerability exists in multiple IDEC PLCs. If an...
Moderate
Unreviewed
CVE-2024-41927
was published
Sep 4, 2024
IBM Watson CP4D Data Stores 4.6.0, 4.6.1, 4.6.2, and 4.6.3 does not encrypt sensitive or critical...
Moderate
Unreviewed
CVE-2023-27291
was published
Mar 3, 2024
Django Incorrect HTTP detection with reverse-proxy connecting via HTTPS
Moderate
CVE-2019-12781
was published
for
Django
(pip)
Jul 3, 2019
IPMI credentials may be captured in XCC audit log entries when the account username length is 16...
Moderate
Unreviewed
CVE-2024-8059
was published
Sep 13, 2024
A privilege escalation vulnerability was discovered when Single Sign On (SSO) is enabled that...
Moderate
Unreviewed
CVE-2024-45101
was published
Sep 13, 2024
Information Disclosure in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with...
Moderate
Unreviewed
CVE-2024-31799
was published
Aug 15, 2024
Microsoft Security Advisory CVE-2024-38167 | .NET Information Disclosure Vulnerability
Moderate
CVE-2024-38167
was published
for
Microsoft.NetCore.App.Runtime.linux-arm
(NuGet)
Aug 13, 2024
Longse NVR (Network Video Recorder) model NVR3608PGE2W, as well as products based on this device,...
Moderate
Unreviewed
CVE-2024-5631
was published
Jul 9, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ...
Moderate
Unreviewed
CVE-2024-35210
was published
Jun 11, 2024
Under certain circumstances exacqVision Web Services will not enforce secure web communications ...
Moderate
Unreviewed
CVE-2024-32864
was published
Aug 1, 2024
Puwell Cloud Tech Co, Ltd 360Eyes Pro v3.9.5.16(3090516) was discovered to transmit sensitive...
Moderate
Unreviewed
CVE-2024-28275
was published
Apr 3, 2024
Toshiba printers will display the password of the admin user in clear-text and additional...
Moderate
Unreviewed
CVE-2024-27163
was published
Jun 14, 2024
Secret file credentials stored unencrypted in rare cases by Plain Credentials Plugin
Moderate
CVE-2024-39459
was published
for
org.jenkins-ci.plugins:plain-credentials
(Maven)
Jun 26, 2024
Plain text credentials and session ID can be captured with a network sniffer.
Moderate
Unreviewed
CVE-2024-37183
was published
Jun 21, 2024
NVIDIA ChatRTX for Windows contains a vulnerability in the ChatRTX UI and backend, where a user...
Moderate
Unreviewed
CVE-2024-0098
was published
May 14, 2024
Cleartext Transmission issue in ROS2 (Robot Operating System 2) Foxy Fitzroy, with ROS_VERSION=2...
Moderate
Unreviewed
CVE-2023-51201
was published
Jan 24, 2024
TYPO3 Information Disclosure Vulnerability
Moderate
CVE-2017-6370
was published
for
typo3/cms
(Composer)
May 13, 2022
Atlassian Bitbucket Server from version 4.9.0 before version 7.2.4 allows remote attackers to...
Moderate
Unreviewed
CVE-2020-14171
was published
May 24, 2022
Using its HSTS support, curl can be instructed to use HTTPS directly insteadof using an insecure...
Moderate
Unreviewed
CVE-2022-30115
was published
Jun 3, 2022
ProTip!
Advisories are also available from the
GraphQL API