GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,395
Composer 4,950
Erlang 39
GitHub Actions 38
Go 2,603
Maven 6,053
npm 4,250
NuGet 755
pip 4,013
Pub 12
RubyGems 953
Rust 1,048
Swift 45

Unreviewed advisories

All unreviewed 274,785

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

648 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

All WorkExaminer Professional traffic between monitoring client, console and server is... High Unreviewed

CVE-2025-10641 was published Oct 21, 2025

The Restaurant Brands International (RBI) assistant platform through 2025-09-06 transmits... Low Unreviewed

CVE-2025-62643 was published Oct 17, 2025

The Sante PACS Server Web Portal sends credential information without encryption. Critical Unreviewed

CVE-2025-54156 was published Aug 19, 2025

In the ConnectWise Automate Agent, communications could be configured to use HTTP instead of... Critical Unreviewed

CVE-2025-11492 was published Oct 16, 2025

Cleartext transmission of sensitive information in Windows Hello allows an unauthorized attacker... High Unreviewed

CVE-2025-53139 was published Oct 14, 2025

A cleartext transmission of sensitive information vulnerability in the affected products allows... High Unreviewed

CVE-2025-41718 was published Oct 14, 2025

SaTECH BCU in its firmware version 2.1.3 uses the HTTP protocol. The use of the HTTP protocol for... Moderate Unreviewed

CVE-2025-2861 was published Mar 28, 2025

Components of the YoSmart YoLink ecosystem through 2025-10-02 leverage unencrypted MQTT to... Moderate Unreviewed

CVE-2025-59448 was published Oct 6, 2025

The Flock Safety Pisco com.flocksafety.android.pisco application 6.21.11 for Android (installed... Moderate Unreviewed

CVE-2025-59406 was published Oct 2, 2025

IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 could allow a remote attacker to... Moderate Unreviewed

CVE-2024-39746 was published Aug 22, 2024

IBM Concert Software 1.0.0 and 1.0.1 could allow a remote attacker to obtain sensitive... Moderate Unreviewed

CVE-2024-41757 was published Jan 24, 2025

IBM QRadar Network Packet Capture 7.5 could allow a remote attacker to obtain sensitive... Moderate Unreviewed

CVE-2024-31905 was published Aug 15, 2024

IBM Aspera HTTP Gateway 2.0.0 through 2.3.1 stores sensitive information in clear text in easily... High Unreviewed

CVE-2025-36274 was published Sep 26, 2025

iMonitor EAM 9.6394 transmits communication between the EAM client agent and the EAM server, as... Moderate Unreviewed

CVE-2025-10540 was published Sep 25, 2025

Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.1049 and... Critical Unreviewed

CVE-2025-34199 was published Sep 19, 2025

Cognex In-Sight Explorer and In-Sight Camera Firmware expose a proprietary protocol on TCP port... High Unreviewed

CVE-2025-54818 was published Sep 19, 2025

An adjacent attacker without authentication can exploit this vulnerability to retrieve a set of... High Unreviewed

CVE-2025-47698 was published Sep 18, 2025

Cleartext Transmission of Sensitive Information vulnerability in Dolusoft Omaspot allows... Critical Unreviewed

CVE-2025-7743 was published Sep 16, 2025

An issue was discovered in the method push.lite.avtech.com.AvtechLib.GetHttpsResponse in AVTECH... High Unreviewed

CVE-2025-50110 was published Sep 15, 2025

The MOD3 command traffic between the monitoring application and the inverter is transmitted in... High Unreviewed

CVE-2025-52586 was published Aug 8, 2025

Due to an unsecure default configuration HTTP is used instead of HTTPS for the web interface. An... High Unreviewed

CVE-2025-41708 was published Sep 8, 2025

HCL BigFix SM is affected by a Sensitive Information Exposure vulnerability where internal... Moderate Unreviewed

CVE-2025-31972 was published Aug 28, 2025

Windows Defender Credential Guard Information Disclosure Vulnerability. This CVE ID is unique... Moderate Unreviewed

CVE-2022-34704 was published Aug 10, 2022

Marco Trevisan discovered that the Ubuntu Advantage Desktop Daemon, before version 1.12, leaks... Moderate Unreviewed

CVE-2024-6388 was published Jun 27, 2024

Aikaan IoT management platform v3.25.0325-5-g2e9c59796 sends a newly generated password to users... High Unreviewed

CVE-2025-52351 was published Aug 21, 2025

Previous1…26 Next

Previous 1 2 3 4 5 … 25 26 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

648 advisories