GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,680
Maven: 5,000+
npm: 4,299
NuGet: 760
pip: 4,078
Pub: 12
RubyGems: 957
Rust: 1,060
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
204 advisories
General Industrial Controls Lynx+ Gateway is vulnerable to a cleartext transmission vulnerability...
High, Unreviewed, CVE-2025-62765 was published Nov 15, 2025

When using domain users as BRAIN2 users, communication with Active Directory services is...
High, Unreviewed, CVE-2025-12508 was published Oct 31, 2025

The web server of the device performs exchanges of sensitive information in clear text through an...
High, Unreviewed, CVE-2025-64389 was published Oct 31, 2025

Nagios Log Server versions prior to 2024R2.0.2 contain a vulnerability in the cluster manager...
High, Unreviewed, CVE-2025-34271 was published Oct 31, 2025

All WorkExaminer Professional traffic between monitoring client, console and server is...
High, Unreviewed, CVE-2025-10641 was published Oct 21, 2025

Cleartext transmission of sensitive information in Windows Hello allows an unauthorized attacker...
High, Unreviewed, CVE-2025-53139 was published Oct 14, 2025

A cleartext transmission of sensitive information vulnerability in the affected products allows...
High, Unreviewed, CVE-2025-41718 was published Oct 14, 2025

IBM Aspera HTTP Gateway 2.0.0 through 2.3.1 stores sensitive information in clear text in easily...
High, Unreviewed, CVE-2025-36274 was published Sep 26, 2025

Cognex In-Sight Explorer and In-Sight Camera Firmware expose a proprietary protocol on TCP port...
High, Unreviewed, CVE-2025-54818 was published Sep 19, 2025

An adjacent attacker without authentication can exploit this vulnerability to retrieve a set of...
High, Unreviewed, CVE-2025-47698 was published Sep 18, 2025

An issue was discovered in the method push.lite.avtech.com.AvtechLib.GetHttpsResponse in AVTECH...
High, Unreviewed, CVE-2025-50110 was published Sep 15, 2025

Due to an unsecure default configuration HTTP is used instead of HTTPS for the web interface. An...
High, Unreviewed, CVE-2025-41708 was published Sep 8, 2025

Aikaan IoT management platform v3.25.0325-5-g2e9c59796 sends a newly generated password to users...
High, Unreviewed, CVE-2025-52351 was published Aug 21, 2025

The StrongDM Client insufficiently protected a pre-authentication token. Attackers could exploit...
High, Unreviewed, CVE-2025-6180 was published Aug 20, 2025

YugabyteDB diagnostic information was transmitted over HTTP, which could expose sensitive data...
High, Unreviewed, CVE-2025-8863 was published Aug 11, 2025

The MOD3 command traffic between the monitoring application and the inverter is transmitted in...
High, Unreviewed, CVE-2025-52586 was published Aug 8, 2025

An issue was discovered in Couchbase Sync Gateway before 3.2.6. In sgcollect_info_options.log and...
High, Unreviewed, CVE-2025-52490 was published Jul 29, 2025

DuraComm SPM-500 DP-10iN-100-MU transmits sensitive data without encryption over a channel that...
High, Unreviewed, CVE-2025-53703 was published Jul 23, 2025

This vulnerability exists in Digisol DG-GR6821AC Router due to cleartext transmission of...
High, Unreviewed, CVE-2025-53756 was published Jul 16, 2025

Ecovacs Deebot T10 1.7.2 transmits Wi-Fi credentials in cleartext during the pairing process.
High, Unreviewed, CVE-2025-44251 was published Jul 10, 2025

YONO SBI: Banking & Lifestyle v1.23.36 was discovered to use unencrypted communications, possibly...
High, Unreviewed, CVE-2025-45080 was published Jul 1, 2025

The server supports authentication methods in which credentials are sent in plaintext over...
High, Unreviewed, CVE-2025-49194 was published Jun 12, 2025

All communication with the REST API is unencrypted (HTTP), allowing an attacker to intercept...
High, Unreviewed, CVE-2025-49183 was published Jun 12, 2025

In certain cases, SNI could have been sent unencrypted even when encrypted DNS was enabled. This...
High, Unreviewed, CVE-2025-5270 was published May 27, 2025

An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. A command...
High, Unreviewed, CVE-2025-32887 was published May 2, 2025

ProTip! Advisories are also available from the GraphQL API