GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
37 advisories
An issue was discovered in Atos Eviden SMC xScale before 1.6.6. During initialization of nodes,...
High
Unreviewed
CVE-2024-42018
was published
Oct 11, 2024
A vulnerability has been discovered in all versions of Smartplay headunits, which are widely used...
High
Unreviewed
CVE-2024-39339
was published
Sep 18, 2024
The Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin plugin for...
High
Unreviewed
CVE-2024-10028
was published
Nov 6, 2024
Yealink Meeting Server before V26.0.0.67 is vulnerable to sensitive data exposure in the server...
High
Unreviewed
CVE-2024-48352
was published
Nov 1, 2024
Yealink Meeting Server before V26.0.0.67 allows attackers to obtain static key information from a...
High
Unreviewed
CVE-2024-48353
was published
Nov 1, 2024
ExpressVPN before 12.73.0 on Windows, when split tunneling is used, sends DNS requests according...
High
Unreviewed
CVE-2024-25728
was published
Feb 12, 2024
An issue in Plug n Play Camera com.wisdomcity.zwave 1.1.0 allows a remote attacker to obtain...
High
Unreviewed
CVE-2024-48770
was published
Oct 11, 2024
An information disclosure vulnerability exists in Brocade SANnav before v2.3.1 and v2.3.0a when...
High
Unreviewed
CVE-2024-29968
was published
Apr 19, 2024
The encrypted subject of an email message could be incorrectly and permanently assigned to an...
High
Unreviewed
CVE-2024-1936
was published
Mar 5, 2024
This issue was addressed through improved state management. This issue is fixed in macOS Sonoma...
High
Unreviewed
CVE-2023-42913
was published
Mar 28, 2024
An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to cause a...
High
Unreviewed
CVE-2024-22808
was published
Apr 22, 2024
Intelbras Roteador ACtion RF 1200 1.2.2 exposes the Password in Cookie resulting in Login Bypass.
High
Unreviewed
CVE-2024-22773
was published
Feb 6, 2024
Insecure storage of sensitive information in the Intel(R) DCM software before version 5.1 may...
High
Unreviewed
CVE-2022-43475
was published
May 10, 2023
An Insecure Storage of Sensitive Information vulnerability in openSUSE opensuse-welcome allows...
High
Unreviewed
CVE-2023-32184
was published
Sep 19, 2023
Insecure storage of sensitive information in Wing FTP Server (User Web Client) allows information...
High
Unreviewed
CVE-2023-37879
was published
Sep 15, 2023
A vulnerability has been identified in QMS Automotive (All versions < V12.39). The QMS.Mobile...
High
Unreviewed
CVE-2023-40728
was published
Sep 14, 2023
Information disclosure in password protected surveys in Data Illusion Survey Software Solutions...
High
Unreviewed
CVE-2022-46484
was published
Aug 2, 2023
Insecure Storage of Sensitive Information vulnerability in Jose Mortellaro Freesoul Deactivate...
High
Unreviewed
CVE-2023-22687
was published
Jul 6, 2023
Insecure storage of sensitive information in the Intel(R) DCM software before version 5.1 may...
High
Unreviewed
CVE-2022-44619
was published
May 10, 2023
The iOS mobile application BlueCats Reveal before 5.14 stores the username and password in the...
High
Unreviewed
CVE-2019-5627
was published
May 24, 2022
The Android mobile application BlueCats Reveal before 3.0.19 stores the username and password in...
High
Unreviewed
CVE-2019-5626
was published
May 24, 2022
Sectona Spectra before 3.4.0 has a vulnerable SOAP API endpoint that leaks sensitive information...
High
Unreviewed
CVE-2020-25966
was published
May 24, 2022
** UNSUPPORTED WHEN ASSIGNED ** Sending some requests in the web application of the...
High
Unreviewed
CVE-2023-41965
was published
Sep 18, 2023
IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 is vulnerable to...
High
Unreviewed
CVE-2023-45182
was published
Dec 14, 2023
Certain NetModule devices have Insecure Password Handling (cleartext or reversible encryption),...
High
Unreviewed
CVE-2021-39289
was published
May 24, 2022