Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,270
Erlang
31
GitHub Actions
21
Go
2,046
Maven
5,000+
npm
3,737
NuGet
663
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+

541 advisories

Loading
An issue was discovered in Couchbase Server 6.5.x and 6.6.x through 6.6.1. When using the View... Moderate Unreviewed
CVE-2021-27925 was published May 24, 2022
Cleartext Transmission of Sensitive Information in Apache MINA High
CVE-2019-0231 was published for org.apache.mina:mina-core (Maven) May 24, 2022
The Trend Controls IC protocol through 2022-05-06 allows Cleartext Transmission of Sensitive... Moderate Unreviewed
CVE-2022-30312 was published Sep 8, 2022
Dell PowerScale OneFS 8.1.0 - 9.1.0 contains an LDAP Provider inability to connect over TLSv1.2... Critical Unreviewed
CVE-2020-26197 was published May 24, 2022
An information disclosure vulnerability exists in the Web Application functionality of Moxa... High Unreviewed
CVE-2021-40392 was published Apr 15, 2022
Philips Vue PACS versions 12.2.x.x and prior transmits sensitive or security-critical data in... High Unreviewed
CVE-2021-33022 was published Apr 3, 2022
An issue was discovered in Softwarebuero Zauner ARC 4.2.0.4. There is Cleartext Transmission of... Moderate Unreviewed
CVE-2021-45894 was published Apr 6, 2022
Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 passwords are... High Unreviewed
CVE-2021-32982 was published Apr 5, 2022
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in ISS BlackICE PC Protection. It has... Moderate Unreviewed
CVE-2003-5002 was published Mar 29, 2022
Delta Electronics DIAEnergie (Version 1.7.5 and prior) is vulnerable to cleartext transmission as... High Unreviewed
CVE-2022-0988 was published Mar 26, 2022
ISaGRAF Workbench communicates with Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x... High Unreviewed
CVE-2020-25178 was published Mar 19, 2022
An issue was discovered in Luna Simo PPR1.180610.011/202001031830. It sends the following... Moderate Unreviewed
CVE-2021-41849 was published Mar 13, 2022
Cleartext Transmission of Sensitive Information in moment-timezone Moderate
GHSA-v78c-4p63-2j6c was published for moment-timezone (npm) Aug 30, 2022
scovetta
Cleartext Transmission of Sensitive Information, Inclusion of Functionality from Untrusted Control Sphere , and Download of Code Without Integrity Check in Eclipse hawkBit High
CVE-2019-10240 was published for org.eclipse.hawkbit:hawkbit-autoconfigure (Maven) Apr 15, 2019
"catalog's registry v2 api exposed on unauthenticated path in Harbor" Moderate
CVE-2020-29662 was published for github.com/goharbor/harbor (Go) Feb 12, 2022
High severity vulnerability that affects com.github.shyiko.ktlint:ktlint-core High
CVE-2019-1010260 was published for com.github.shyiko.ktlint:ktlint-core (Maven) Apr 8, 2019
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database