GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
665
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
462 advisories
Filter by severity
Abbott Laboratories Accent and Anthem pacemakers manufactured prior to Aug 28, 2017 transmit...
Moderate
Unreviewed
CVE-2017-12716
was published
May 13, 2022
An Information Exposure issue was discovered in ProMinent MultiFLEX M10a Controller web interface...
Moderate
Unreviewed
CVE-2017-14009
was published
May 13, 2022
In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, an undocumented, root...
High
Unreviewed
CVE-2017-5259
was published
May 13, 2022
A vulnerability in the detection engine of Cisco Firepower System Software could allow an...
Moderate
Unreviewed
CVE-2018-0281
was published
May 13, 2022
A vulnerability in the detection engine of Cisco Firepower System Software could allow an...
Moderate
Unreviewed
CVE-2018-0283
was published
May 13, 2022
Medtronic MMT 508 MiniMed insulin pump, 522 / MMT - 722 Paradigm REAL-TIME, 523 / MMT - 723...
Moderate
Unreviewed
CVE-2018-10634
was published
May 13, 2022
IBM BigFix Platform 9.2 and 9.5 transmits sensitive or security-critical data in clear text in a...
High
Unreviewed
CVE-2018-1600
was published
May 13, 2022
The Auto-Maskin DCU 210E, RP-210E, and Marine Pro Observer Android App transmit sensitive or...
Moderate
Unreviewed
CVE-2018-5401
was published
May 13, 2022
A Cleartext Transmission of Sensitive Information issue was discovered in Belden Hirschmann RS,...
Moderate
Unreviewed
CVE-2018-5471
was published
May 13, 2022
Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software transmits...
High
Unreviewed
CVE-2018-8842
was published
May 13, 2022
Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON...
Critical
Unreviewed
CVE-2018-8855
was published
May 13, 2022
translate/translate_manager.cc in Google Chrome before 17.0.963.56 and 19.x before 19.0.1036.7...
Moderate
Unreviewed
CVE-2011-3022
was published
May 13, 2022
An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. The default management application...
High
Unreviewed
CVE-2019-7675
was published
May 13, 2022
The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local...
Moderate
Unreviewed
CVE-2019-5489
was published
May 13, 2022
IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 Standard Edition could allow highly sensitive...
Moderate
Unreviewed
CVE-2019-4063
was published
May 13, 2022
The QBee MultiSensor Camera through 4.16.4 accepts unencrypted network traffic from clients (such...
Moderate
Unreviewed
CVE-2018-16225
was published
May 13, 2022
IBM i2 Enterprise Insight Analysis 2.1.7 could allow a remote attacker to obtain sensitive...
Moderate
Unreviewed
CVE-2018-1525
was published
May 13, 2022
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow a remote attacker to obtain...
Moderate
Unreviewed
CVE-2018-1454
was published
May 13, 2022
The Help feature in the ES File Explorer File Manager application 4.1.9.7.4 for Android allows...
Moderate
Unreviewed
CVE-2019-8345
was published
May 13, 2022
The UCWeb UC Browser application through 2019-03-26 for Android uses HTTP to download certain...
Moderate
Unreviewed
CVE-2019-10251
was published
May 13, 2022
UCWeb UC Browser 7.0.185.1002 on Windows uses HTTP for downloading certain PDF modules, which...
Moderate
Unreviewed
CVE-2019-10250
was published
May 13, 2022
In KDE Trojita 0.7, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as...
Moderate
Unreviewed
CVE-2019-10734
was published
May 13, 2022
In Claws Mail 3.14.1, an attacker in possession of S/MIME or PGP encrypted emails can wrap them...
Moderate
Unreviewed
CVE-2019-10735
was published
May 13, 2022
Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows attackers to eavesdrop and tamper...
High
Unreviewed
CVE-2017-9035
was published
May 13, 2022
The Conexus telemetry protocol utilized within Medtronic MyCareLink Monitor versions 24950 and...
Moderate
Unreviewed
CVE-2019-6540
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API