GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,704
Composer 4,237
Erlang 31
GitHub Actions 20
Go 2,000
Maven 5,183
npm 3,711
NuGet 661
pip 3,383
Pub 11
RubyGems 885
Rust 849
Swift 36

Unreviewed advisories

All unreviewed 235,356

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

823 advisories

Filter by severity

Sort by

Least recently updated

An issue in Hathway Skyworth Router CM5100 v.4.1.1.24 allows a physically proximate attacker to... High Unreviewed

CVE-2024-44815 was published Sep 10, 2024

A series of related high-severity vulnerabilities, the most notable enabling remote code... High Unreviewed

CVE-2024-40710 was published Sep 7, 2024

Credentials to access device configuration information stored unencrypted in flash memory. These... Moderate Unreviewed

CVE-2024-39278 was published Sep 6, 2024

Insufficient access checks in Visual Planning Admin Center 8 before v.1 Build 240207 allow... High Unreviewed

CVE-2023-49233 was published Sep 3, 2024

IBM InfoSphere Information Server 11.7 could allow a privileged user to obtain sensitive... Moderate Unreviewed

CVE-2024-40704 was published Aug 15, 2024

Authentication Bypass in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical... Moderate Unreviewed

CVE-2024-31800 was published Aug 15, 2024

A vulnerability, which was classified as problematic, has been found in SourceCodester Prison... Moderate Unreviewed

CVE-2024-7813 was published Aug 15, 2024

Protection mechanism failure for some Zoom Workplace Apps and SDKs may allow an authenticated... High Unreviewed

CVE-2024-39818 was published Aug 14, 2024

A Plaintext Storage of a Password vulnerability in ebooknote function in Hamastar MeetingHub... Critical Unreviewed

CVE-2024-6118 was published Aug 5, 2024

The Forminator plugin for WordPress is vulnerable to Sensitive Information Exposure in all... High Unreviewed

CVE-2024-7389 was published Aug 2, 2024

A “CWE-256: Plaintext Storage of a Password” affecting the administrative account allows an... Moderate Unreviewed

CVE-2024-3082 was published Jul 31, 2024

Exposure of Sensitive Information in edge browser session proxy feature in Devolutions Remote... High Unreviewed

CVE-2024-6492 was published Jul 16, 2024

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 stores user credentials in plain... Moderate Unreviewed

CVE-2024-39733 was published Jul 14, 2024

The Avalara for Salesforce CPQ app before 7.0 for Salesforce allows attackers to read an API key.... High Unreviewed

CVE-2024-38453 was published Jul 3, 2024

The webserver utilizes basic authentication for its user login to the configuration interface. As... High Unreviewed

CVE-2023-41926 was published Jul 2, 2024

In JetBrains TeamCity before 2024.03.3 application token could be exposed in EC2 Cloud Profile... Moderate Unreviewed

CVE-2024-39879 was published Jul 1, 2024

In JetBrains TeamCity before 2024.03.3 private key could be exposed via testing GitHub App... Moderate Unreviewed

CVE-2024-39878 was published Jul 1, 2024

In JetBrains YouTrack before 2024.2.34646 user access token was sent to the third-party site Moderate Unreviewed

CVE-2024-38505 was published Jun 18, 2024

HCL DRYiCE Optibot Reset Station is impacted by a missing Strict Transport Security Header. This... Low Unreviewed

CVE-2024-30119 was published Jun 15, 2024

Utilizing default credentials, an attacker is able to log into the camera's operating system... Unknown Unreviewed

CVE-2024-38282 was published Jun 13, 2024

Logs storing credentials are insufficiently protected and can be decoded through the use of open... Unknown Unreviewed

CVE-2024-38285 was published Jun 13, 2024

IBM Jazz Reporting Service 7.0.3 stores user credentials in plain clear text which can be read by... Moderate Unreviewed

CVE-2024-25052 was published Jun 13, 2024

An issue was discovered in Kape CyberGhostVPN 8.4.3.12823 on Windows. After a successful logout,... Moderate Unreviewed

CVE-2024-26330 was published Jun 11, 2024

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ... Moderate Unreviewed

CVE-2024-35208 was published Jun 11, 2024

GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1... Critical Unreviewed

CVE-2024-37051 was published Jun 10, 2024

Previous 1 2 3 4 5 … 32 33 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

823 advisories