GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,738
NuGet
663
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
189 advisories
Filter by severity
An issue was discovered on D-Link DIR-601 2.02NA devices. Being local to the network and having...
High
Unreviewed
CVE-2018-12710
was published
May 13, 2022
Druide Antidote through 9.5.1 on Windows and Linux allows remote code execution through the...
High
Unreviewed
CVE-2018-13140
was published
May 13, 2022
An issue was discovered in the MensaMax (aka com.breustedt.mensamax) application 4.3 for Android....
High
Unreviewed
CVE-2018-15752
was published
May 13, 2022
An issue was discovered in the Daimler Mercedes-Benz Me app 2.11.0-846 for iOS. The encrypted...
High
Unreviewed
CVE-2018-18071
was published
May 13, 2022
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10...
High
Unreviewed
CVE-2018-4227
was published
May 13, 2022
There is a SRTP icon display vulnerability in Huawei eSpace product. An unauthenticated, remote...
High
Unreviewed
CVE-2018-7960
was published
May 13, 2022
In /usr/local/etc/config/addons/mh/loopupd.sh on eQ-3 AG HomeMatic CCU2 2.29.22 devices, software...
High
Unreviewed
CVE-2018-7298
was published
May 13, 2022
Potentially compromised builds
High
CVE-2019-10249
was published
for
org.eclipse.xtend:org.eclipse.xtend.core
(Maven)
May 24, 2022
Hitachi Vantara Pentaho Business Analytics Server versions before 9.3.0.0, 9.2.0.2 and 8.3.0.25...
High
Unreviewed
CVE-2021-45447
was published
Nov 2, 2022
An issue was discovered in Arm Mbed TLS before 2.23.0. A remote attacker can recover plaintext...
High
Unreviewed
CVE-2020-36423
was published
May 24, 2022
The affected products contain vulnerable firmware, which could allow an attacker to sniff the...
High
Unreviewed
CVE-2021-4161
was published
Dec 28, 2021
Trendnet AC2600 TEW-827DRU version 2.08B01 contains an security flaw in the web interface. HTTPS...
High
Unreviewed
CVE-2021-20154
was published
Dec 31, 2021
Netgear Nighthawk R6700 version 1.0.4.120 does not utilize secure communication methods to the...
High
Unreviewed
CVE-2021-20174
was published
Dec 31, 2021
Netgear RAX43 version 1.0.3.96 does not utilize secure communications to the web interface. By...
High
Unreviewed
CVE-2021-20169
was published
Dec 31, 2021
Netgear Nighthawk R6700 version 1.0.4.120 does not utilize secure communication methods to the...
High
Unreviewed
CVE-2021-20175
was published
Dec 31, 2021
Fresenius Kabi Agilia Link + version 3.0 does not enforce transport layer encryption. Therefore,...
High
Unreviewed
CVE-2021-41835
was published
Jan 22, 2022
Cleartext Transmission of Sensitive Information in /northstar/Admin/login.jsp in Northstar...
High
Unreviewed
CVE-2021-29397
was published
Feb 9, 2022
An issue was discovered in Rhinode Trading Paints through 2.0.36. TP Updater.exe uses cleartext...
High
Unreviewed
CVE-2021-40846
was published
Mar 5, 2022
IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 is missing the HTTP Strict...
High
Unreviewed
CVE-2019-4162
was published
May 24, 2022
Couchbase Server before 6.6.6, 7.x before 7.0.5, and 7.1.x before 7.1.2 exposes Sensitive...
High
Unreviewed
CVE-2023-25016
was published
Feb 6, 2023
Information Disclosure in Authentication Component of ScreenCheck BadgeMaker 2.6.2.0 application...
High
Unreviewed
CVE-2022-45546
was published
Feb 15, 2023
A cleartext transmission vulnerability exists in the web application functionality of Moxa SDS...
High
Unreviewed
CVE-2022-40693
was published
Feb 7, 2023
LS ELECTRIC XBC-DN32U with operating system version 01.80 transmits sensitive information in...
High
Unreviewed
CVE-2023-22806
was published
Feb 15, 2023
One Identity Cloud Access Manager 8.1.3 does not use HTTP Strict Transport Security (HSTS), which...
High
Unreviewed
CVE-2019-13498
was published
May 24, 2022
Cleartext Transmission of Sensitive Information vulnerability in ForgeRock Inc. OpenIDM and Java...
High
Unreviewed
CVE-2023-1656
was published
Mar 29, 2023
ProTip!
Advisories are also available from the
GraphQL API