Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,270
Erlang
31
GitHub Actions
21
Go
2,046
Maven
5,000+
npm
3,737
NuGet
663
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

462 advisories

Loading
Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A... Critical Unreviewed
CVE-2019-6526 was published May 13, 2022
When users are configured to use startTLS with RBAC LDAP, at login time, the user's credentials... Critical Unreviewed
CVE-2018-11749 was published May 13, 2022
In KDE KMail 5.2.3, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as... Moderate Unreviewed
CVE-2019-10732 was published May 13, 2022
In Roundcube Webmail before 1.3.10, an attacker in possession of S/MIME or PGP encrypted emails... Moderate Unreviewed
CVE-2019-10740 was published May 4, 2022
The Cisco Linksys WVC54GC wireless video camera before firmware 1.25 sends cleartext... High Unreviewed
CVE-2008-4390 was published May 2, 2022
Joomla! 1.5.8 does not set the secure flag for the session cookie in an https session, which... Moderate Unreviewed
CVE-2008-4122 was published May 2, 2022
EMC Dantz Retrospect Backup Client 7.5.116 sends the password hash in cleartext at an unspecified... Moderate Unreviewed
CVE-2008-3289 was published May 1, 2022
OKI C5510MFP Printer CU H2.15, PU 01.03.01, System F/W 1.01, and Web Page 1.00 sends the... High Unreviewed
CVE-2008-0374 was published May 1, 2022
make_catalog_backup in Bacula 2.2.5, and probably earlier, sends a MySQL password as a command... Low Unreviewed
CVE-2007-5626 was published May 1, 2022
Cisco Adaptive Security Appliance (ASA) running PIX 7.0 before 7.0.7.1, 7.1 before 7.1.2.61, 7.2... Moderate Unreviewed
CVE-2007-4786 was published May 1, 2022
Procom NetFORCE 800 4.02 M10 Build 20 and possibly other versions sends the NIS password map ... Moderate Unreviewed
CVE-2005-3140 was published May 1, 2022
pam_ldap and nss_ldap, when used with OpenLDAP and connecting to a slave using TLS, does not use... Moderate Unreviewed
CVE-2005-2069 was published May 1, 2022
The Network Attached Storage (NAS) Administration Web Page for Iomega NAS A300U transmits... Moderate Unreviewed
CVE-2002-1949 was published Apr 30, 2022
DameWare Mini Remote Control 3.x before 3.74 and 4.x before 4.2 transmits the Blowfish encryption... Moderate Unreviewed
CVE-2004-1852 was published Apr 29, 2022
Pidgin 2.10.0 uses DBUS for certain cleartext communication, which allows local users to obtain... Moderate Unreviewed
CVE-2012-1257 was published Apr 23, 2022
mysql-gui-tools (mysql-query-browser and mysql-admin) before 5.0r14+openSUSE-2.3 exposes the... Moderate Unreviewed
CVE-2010-4177 was published Apr 21, 2022
An information disclosure vulnerability exists in the Web Application functionality of Moxa... High Unreviewed
CVE-2021-40392 was published Apr 15, 2022
An issue was discovered in Softwarebuero Zauner ARC 4.2.0.4. There is Cleartext Transmission of... Moderate Unreviewed
CVE-2021-45894 was published Apr 6, 2022
Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 passwords are... High Unreviewed
CVE-2021-32982 was published Apr 5, 2022
Philips Vue PACS versions 12.2.x.x and prior transmits sensitive or security-critical data in... High Unreviewed
CVE-2021-33022 was published Apr 3, 2022
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in ISS BlackICE PC Protection. It has... Moderate Unreviewed
CVE-2003-5002 was published Mar 29, 2022
Delta Electronics DIAEnergie (Version 1.7.5 and prior) is vulnerable to cleartext transmission as... High Unreviewed
CVE-2022-0988 was published Mar 26, 2022
GE UR firmware versions prior to version 8.1x web server interface is supported on UR over HTTP... High Unreviewed
CVE-2021-27422 was published Mar 24, 2022
ISaGRAF Workbench communicates with Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x... High Unreviewed
CVE-2020-25178 was published Mar 19, 2022
An issue was discovered in Luna Simo PPR1.180610.011/202001031830. It sends the following... Moderate Unreviewed
CVE-2021-41849 was published Mar 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database