Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
663
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+

189 advisories

Loading
An issue was discovered on D-Link DIR-601 2.02NA devices. Being local to the network and having... High Unreviewed
CVE-2018-12710 was published May 13, 2022
Druide Antidote through 9.5.1 on Windows and Linux allows remote code execution through the... High Unreviewed
CVE-2018-13140 was published May 13, 2022
An issue was discovered in the MensaMax (aka com.breustedt.mensamax) application 4.3 for Android.... High Unreviewed
CVE-2018-15752 was published May 13, 2022
An issue was discovered in the Daimler Mercedes-Benz Me app 2.11.0-846 for iOS. The encrypted... High Unreviewed
CVE-2018-18071 was published May 13, 2022
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10... High Unreviewed
CVE-2018-4227 was published May 13, 2022
There is a SRTP icon display vulnerability in Huawei eSpace product. An unauthenticated, remote... High Unreviewed
CVE-2018-7960 was published May 13, 2022
In /usr/local/etc/config/addons/mh/loopupd.sh on eQ-3 AG HomeMatic CCU2 2.29.22 devices, software... High Unreviewed
CVE-2018-7298 was published May 13, 2022
Potentially compromised builds High
CVE-2019-10249 was published for org.eclipse.xtend:org.eclipse.xtend.core (Maven) May 24, 2022
Hitachi Vantara Pentaho Business Analytics Server versions before 9.3.0.0, 9.2.0.2 and 8.3.0.25... High Unreviewed
CVE-2021-45447 was published Nov 2, 2022
An issue was discovered in Arm Mbed TLS before 2.23.0. A remote attacker can recover plaintext... High Unreviewed
CVE-2020-36423 was published May 24, 2022
The affected products contain vulnerable firmware, which could allow an attacker to sniff the... High Unreviewed
CVE-2021-4161 was published Dec 28, 2021
Trendnet AC2600 TEW-827DRU version 2.08B01 contains an security flaw in the web interface. HTTPS... High Unreviewed
CVE-2021-20154 was published Dec 31, 2021
Netgear Nighthawk R6700 version 1.0.4.120 does not utilize secure communication methods to the... High Unreviewed
CVE-2021-20174 was published Dec 31, 2021
Netgear RAX43 version 1.0.3.96 does not utilize secure communications to the web interface. By... High Unreviewed
CVE-2021-20169 was published Dec 31, 2021
Netgear Nighthawk R6700 version 1.0.4.120 does not utilize secure communication methods to the... High Unreviewed
CVE-2021-20175 was published Dec 31, 2021
Fresenius Kabi Agilia Link + version 3.0 does not enforce transport layer encryption. Therefore,... High Unreviewed
CVE-2021-41835 was published Jan 22, 2022
Cleartext Transmission of Sensitive Information in /northstar/Admin/login.jsp in Northstar... High Unreviewed
CVE-2021-29397 was published Feb 9, 2022
An issue was discovered in Rhinode Trading Paints through 2.0.36. TP Updater.exe uses cleartext... High Unreviewed
CVE-2021-40846 was published Mar 5, 2022
IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 is missing the HTTP Strict... High Unreviewed
CVE-2019-4162 was published May 24, 2022
Couchbase Server before 6.6.6, 7.x before 7.0.5, and 7.1.x before 7.1.2 exposes Sensitive... High Unreviewed
CVE-2023-25016 was published Feb 6, 2023
Information Disclosure in Authentication Component of ScreenCheck BadgeMaker 2.6.2.0 application... High Unreviewed
CVE-2022-45546 was published Feb 15, 2023
A cleartext transmission vulnerability exists in the web application functionality of Moxa SDS... High Unreviewed
CVE-2022-40693 was published Feb 7, 2023
LS ELECTRIC XBC-DN32U with operating system version 01.80 transmits sensitive information in... High Unreviewed
CVE-2023-22806 was published Feb 15, 2023
One Identity Cloud Access Manager 8.1.3 does not use HTTP Strict Transport Security (HSTS), which... High Unreviewed
CVE-2019-13498 was published May 24, 2022
Cleartext Transmission of Sensitive Information vulnerability in ForgeRock Inc. OpenIDM and Java... High Unreviewed
CVE-2023-1656 was published Mar 29, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database