Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,950
Erlang
39
GitHub Actions
38
Go
2,603
Maven
5,000+
npm
4,250
NuGet
755
pip
4,013
Pub
12
RubyGems
953
Rust
1,048
Swift
45
Unreviewed advisories
All unreviewed
5,000+

52 advisories

Loading
In the ConnectWise Automate Agent, communications could be configured to use HTTP instead of... Critical Unreviewed
CVE-2025-11492 was published Oct 16, 2025
Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.1049 and... Critical Unreviewed
CVE-2025-34199 was published Sep 19, 2025
Cleartext Transmission of Sensitive Information vulnerability in Dolusoft Omaspot allows... Critical Unreviewed
CVE-2025-7743 was published Sep 16, 2025
The Sante PACS Server Web Portal sends credential information without encryption. Critical Unreviewed
CVE-2025-54156 was published Aug 19, 2025
Cleartext Transmission of Sensitive Information, Use of Hard-coded Credentials vulnerability in... Critical Unreviewed
CVE-2025-4378 was published Jun 26, 2025
An issue was discovered on COROS PACE 3 devices through 3.0808.0. It implements a function to... Critical Unreviewed
CVE-2025-32880 was published Jun 20, 2025
An issue in CloudClassroom PHP Project v.1.0 allows a remote attacker to execute arbitrary code... Critical Unreviewed
CVE-2025-26199 was published Jun 18, 2025
The Pixmeo Osirix MD Web Portal sends credential information without encryption, which could... Critical Unreviewed
CVE-2025-27720 was published May 9, 2025
Issue in my product in blah version x on y allows bad person to break Critical Unreviewed
CVE-2025-4475 was published May 8, 2025
On affected platforms running Arista EOS with secure Vxlan configured, restarting the Tunnelsec... Critical Unreviewed
CVE-2024-12378 was published May 8, 2025
Cleartext Transmission of Sensitive Information vulnerability in Crestron Automate VX allows... Critical Unreviewed
CVE-2025-47419 was published May 6, 2025
Incorrect Use of Privileged APIs, Cleartext Transmission of Sensitive Information, Insufficiently... Critical Unreviewed
CVE-2025-2311 was published Mar 20, 2025
Bitdefender Box, versions 1.3.11.490 through 1.3.11.505, uses the insecure HTTP protocol to... Critical Unreviewed
CVE-2024-13872 was published Mar 12, 2025
The administrative web interface of a Netgear C7800 Router running firmware version 6.01.07 (and... Critical Unreviewed
CVE-2022-41545 was published Feb 18, 2025
Improper data protection on the ventilator's serial interface could allow an attacker to send and... Critical Unreviewed
CVE-2024-9834 was published Nov 14, 2024
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly... Critical Unreviewed
CVE-2024-38891 was published Aug 2, 2024
NASA AIT-Core vulnerable to remote code execution Critical
CVE-2024-35059 was published for ait-core (pip) May 21, 2024
NASA AIT-Core vulnerable to remote code execution Critical
CVE-2024-35057 was published for ait-core (pip) May 21, 2024
NASA AIT-Core vulnerable to remote code execution Critical
CVE-2024-35058 was published for ait-core (pip) May 21, 2024
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All... Critical Unreviewed
CVE-2024-30209 was published May 14, 2024
An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can... Critical Unreviewed
CVE-2024-25735 was published Mar 27, 2024
DELL ESI (Enterprise Storage Integrator) for SAP LAMA, version 10.0, contains an information... Critical Unreviewed
CVE-2023-39245 was published Feb 15, 2024
The affected devices transmit sensitive information unencrypted allowing a remote unauthenticated... Critical Unreviewed
CVE-2023-39172 was published Dec 7, 2023
Privilege Escalation in the "GetUserCurrentPwd" function in Microworld Technologies eScan... Critical Unreviewed
CVE-2023-33730 was published May 31, 2023
A CWE-319: Cleartext transmission of sensitive information vulnerability exists that could cause... Critical Unreviewed
CVE-2022-46680 was published May 22, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database