Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

487 advisories

Loading
Secret file credentials stored unencrypted in rare cases by Plain Credentials Plugin Moderate
CVE-2024-39459 was published for org.jenkins-ci.plugins:plain-credentials (Maven) Jun 26, 2024
Plain text credentials and session ID can be captured with a network sniffer. Moderate Unreviewed
CVE-2024-37183 was published Jun 21, 2024
The notification emails sent by Soar Cloud HR Portal contain a link with a embedded session.... High Unreviewed
CVE-2024-5996 was published Jun 14, 2024
Toshiba printers will display the password of the admin user in clear-text and additional... Moderate Unreviewed
CVE-2024-27163 was published Jun 14, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ... Moderate Unreviewed
CVE-2024-35210 was published Jun 11, 2024
Multiple LDAP injections vulnerabilities exist in SecurEnvoy MFA before 9.4.514 due to improper... High Unreviewed
CVE-2024-37393 was published Jun 10, 2024
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All... Critical Unreviewed
CVE-2024-30209 was published May 14, 2024
An unauthenticated remote attacker... High Unreviewed
CVE-2024-28134 was published May 14, 2024
NVIDIA ChatRTX for Windows contains a vulnerability in the ChatRTX UI and backend, where a user... Moderate Unreviewed
CVE-2024-0098 was published May 14, 2024
In Brocade SANnav, before Brocade SANnav v2.3.0, syslog traffic received clear text. This could... High Unreviewed
CVE-2024-4161 was published Apr 25, 2024
dectalk-tts Uses Unencrypted HTTP Request High
CVE-2024-31206 was published for dectalk-tts (npm) Apr 4, 2024
AverageHelper JstnMcBrd
Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains a cleartext transmission of... High Unreviewed
CVE-2024-25960 was published Mar 28, 2024
The affected product is vulnerable to a cleartext transmission of sensitive information... High Unreviewed
CVE-2024-0860 was published Mar 14, 2024
An unauthenticated remote attacker can influence the communication due to the lack of encryption... High Unreviewed
CVE-2024-26288 was published Mar 12, 2024
IBM MQ Operator 2.0.0 LTS, 2.0.18 LTS, 3.0.0 CD, 3.0.1 CD, 2.4.0 through 2.4.7, 2.3.0 through 2.3... Moderate Unreviewed
CVE-2023-47745 was published Mar 3, 2024
DELL ESI (Enterprise Storage Integrator) for SAP LAMA, version 10.0, contains an information... Critical Unreviewed
CVE-2023-39245 was published Feb 15, 2024
Windows Printing Service Spoofing Vulnerability High Unreviewed
CVE-2024-21406 was published Feb 13, 2024
Sametime is impacted by sensitive information passed in URL. Low Unreviewed
CVE-2023-45716 was published Feb 10, 2024
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.3... Moderate Unreviewed
CVE-2023-42016 was published Feb 9, 2024
IBM Security Verify Access 10.0.0.0 through 10.0.6.1 uses insecure protocols in some instances... High Unreviewed
CVE-2023-32328 was published Feb 7, 2024
An attacker with access to the network where the affected devices are located could... Moderate Unreviewed
CVE-2023-40544 was published Feb 7, 2024
IBM PowerSC 1.3, 2.0, and 2.1 MFA does not implement the "HTTP Strict Transport Security" (HSTS)... Moderate Unreviewed
CVE-2023-50962 was published Feb 2, 2024
Cleartext Transmission issue in ROS2 (Robot Operating System 2) Foxy Fitzroy, with ROS_VERSION=2... Moderate Unreviewed
CVE-2023-51201 was published Jan 24, 2024
Meross MSH30Q 4.5.23 is vulnerable to Cleartext Transmission of Sensitive Information. During the... Moderate Unreviewed
CVE-2023-46889 was published Jan 23, 2024
Cleartext Transmission during initial setup in Shelly TRV 20220811-15234 v.2.1.8 allows a local... Moderate Unreviewed
CVE-2023-42144 was published Jan 23, 2024
ProTip! Advisories are also available from the GraphQL API