GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,843
Composer 4,472
Erlang 33
GitHub Actions 24
Go 2,192
Maven 5,421
npm 3,841
NuGet 696
pip 3,621
Pub 12
RubyGems 911
Rust 910
Swift 38

Unreviewed advisories

All unreviewed 248,548

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

570 advisories

Filter by severity

Sort by

Least recently updated

MagicMotion Flamingo 2 lacks BLE encryption, enabling data sniffing and packet forgery. Moderate Unreviewed

CVE-2020-12730 was published May 24, 2022

iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A man in the middle can... Moderate Unreviewed

CVE-2021-34687 was published May 24, 2022

There is a Cleartext Transmission of Sensitive Information Vulnerability in Huawei Smartphone.... Critical Unreviewed

CVE-2021-22380 was published May 24, 2022

When using http protocol, the user password is transmitted as a clear text parameter for which it... Moderate Unreviewed

CVE-2021-23846 was published May 24, 2022

The VeryFitPro (com.veryfit2hr.second) application 3.2.8 for Android does all communication with... High Unreviewed

CVE-2021-32612 was published May 24, 2022

There is an Information Disclosure vulnerability in Huawei Smartphone. Successful exploitation of... Moderate Unreviewed

CVE-2021-22325 was published May 24, 2022

Cleartext Transmission of Sensitive Information vulnerability in the administrator interface of... Moderate Unreviewed

CVE-2021-23896 was published May 24, 2022

KDE Messagelib through 5.17.0 reveals cleartext of encrypted messages in some situations.... Moderate Unreviewed

CVE-2021-31855 was published May 24, 2022

Intra-cluster communication does not use TLS. The services within the NGINX Controller 3.x before... High Unreviewed

CVE-2021-23018 was published May 24, 2022

Local File Inclusion vulnerability in Ab Initio Control>Center before 4.0.2.6 allows remote... Moderate Unreviewed

CVE-2021-33408 was published May 24, 2022

An issue was discovered in Couchbase Server 5.x and 6.x before 6.5.2 and 6.6.x before 6.6.2.... Moderate Unreviewed

CVE-2021-25643 was published May 24, 2022

An issue was discovered in Couchbase Server 6.5.x and 6.6.x through 6.6.1. When using the View... Moderate Unreviewed

CVE-2021-27925 was published May 24, 2022

An issue was discovered in Couchbase Server 6.x through 6.6.1. The Couchbase Server UI is... Moderate Unreviewed

CVE-2021-27924 was published May 24, 2022

SITEL CAP/PRX firmware version 5.2.01 allows an attacker with access to the local network of the... Moderate Unreviewed

CVE-2021-32456 was published May 24, 2022

Cleartext transmission of sensitive information via Moxa Service in NPort IA5000A series serial... High Unreviewed

CVE-2020-27185 was published May 24, 2022

Agenzia delle Entrate Desktop Telematico 1.0.0 contacts the jws.agenziaentrate.it server over... Moderate Unreviewed

CVE-2021-3003 was published May 24, 2022

GAEN (aka Google/Apple Exposure Notifications) through 2021-04-27 on Android allows attackers to... Low Unreviewed

CVE-2021-31815 was published May 24, 2022

A smart proxy that provides a restful API to various sub-systems of the Foreman is affected by... Moderate Unreviewed

CVE-2021-3494 was published May 24, 2022

Dell PowerScale OneFS 8.1.0 - 9.1.0 contains an LDAP Provider inability to connect over TLSv1.2... Critical Unreviewed

CVE-2020-26197 was published May 24, 2022

In Fibaro Home Center 2 and Lite devices in all versions provide a web based management interface... High Unreviewed

CVE-2021-20992 was published May 24, 2022

Cleartext Transmission of Sensitive Information vulnerability in the ePO Extension of McAfee... Moderate Unreviewed

CVE-2021-23884 was published May 24, 2022

Cleartext Transmission of Sensitive Information between McAfee Endpoint Security (ENS) for... Moderate Unreviewed

CVE-2020-7308 was published May 24, 2022

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected... High Unreviewed

CVE-2021-27251 was published May 24, 2022

Cleartext transmission of sensitive information in Netop Vision Pro up to and including 9.7.1... High Unreviewed

CVE-2021-27194 was published May 24, 2022

Advantech Spectre RT ERT351 Versions 5.1.3 and prior logins and passwords are transmitted in... High Unreviewed

CVE-2019-18231 was published May 24, 2022

Previous 1 2 … 11 12 13 14 15 … 22 23 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

570 advisories