GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
189 advisories
Netgear RAX43 version 1.0.3.96 does not utilize secure communications to the web interface. By...
High
Unreviewed
CVE-2021-20169 was published Dec 31, 2021
Netgear Nighthawk R6700 version 1.0.4.120 does not utilize secure communication methods to the...
High
Unreviewed
CVE-2021-20174 was published Dec 31, 2021
Trendnet AC2600 TEW-827DRU version 2.08B01 contains a security flaw in the web interface. HTTPS...
High
Unreviewed
CVE-2021-20154 was published Dec 31, 2021
The affected products contain vulnerable firmware, which could allow an attacker to sniff the...
High
Unreviewed
CVE-2021-4161 was published Dec 28, 2021
An issue was discovered in Arm Mbed TLS before 2.23.0. A remote attacker can recover plaintext...
High
Unreviewed
CVE-2020-36423 was published May 24, 2022
Hitachi Vantara Pentaho Business Analytics Server versions before 9.3.0.0, 9.2.0.2 and 8.3.0.25...
High
Unreviewed
CVE-2021-45447 was published Nov 2, 2022
Potentially compromised builds
High
CVE-2019-10249 was published for org.eclipse.xtend:org.eclipse.xtend.core (Maven) May 24, 2022
In /usr/local/etc/config/addons/mh/loopupd.sh on eQ-3 AG HomeMatic CCU2 2.29.22 devices, software...
High
Unreviewed
CVE-2018-7298 was published May 13, 2022
There is a SRTP icon display vulnerability in Huawei eSpace product. An unauthenticated, remote...
High
Unreviewed
CVE-2018-7960 was published May 13, 2022
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10...
High
Unreviewed
CVE-2018-4227 was published May 13, 2022
An issue was discovered in the Daimler Mercedes-Benz Me app 2.11.0-846 for iOS. The encrypted...
High
Unreviewed
CVE-2018-18071 was published May 13, 2022
An issue was discovered on D-Link DIR-601 2.02NA devices. Being local to the network and having...
High
Unreviewed
CVE-2018-12710 was published May 13, 2022
Druide Antidote through 9.5.1 on Windows and Linux allows remote code execution through the...
High
Unreviewed
CVE-2018-13140 was published May 13, 2022
An issue was discovered in the MensaMax (aka com.breustedt.mensamax) application 4.3 for Android....
High
Unreviewed
CVE-2018-15752 was published May 13, 2022
Intuit Lacerte 2017 for Windows in a client/server environment transfers the entire customer list...
High
Unreviewed
CVE-2018-11338 was published May 13, 2022
Dell EMC NetWorker versions between 9.0 and 9.1.1.8 through 9.2.1.3, and the version 18.1.0.1...
High
Unreviewed
CVE-2018-11050 was published May 13, 2022
An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves...
High
Unreviewed
CVE-2017-7133 was published May 13, 2022
An issue was discovered on Dahua DHI-HCVR7216A-S3 3.210.0001.10 build 2016-06-06 devices. The...
High
Unreviewed
CVE-2017-6432 was published May 13, 2022
During a routine security analysis, it was found that one of the ports in Apache Impala ...
High
Unreviewed
CVE-2017-5652 was published May 13, 2022
IBM Integration Bus 9.0 and 10.0 transmits user credentials in clear text which can be...
High
Unreviewed
CVE-2017-1694 was published May 13, 2022
Mirasys Video Management System (VMS) 6.x before 6.4.6, 7.x before 7.5.15, and 8.x before 8.1.1...
High
Unreviewed
CVE-2017-15290 was published May 13, 2022
The Vibease Wireless Remote Vibrator app for Android and the Vibease Chat app for iOS use...
High
Unreviewed
CVE-2017-14486 was published May 13, 2022
IBM Tivoli Monitoring Portal V6 client could allow a local attacker to gain elevated privileges...
High
Unreviewed
CVE-2017-1181 was published May 13, 2022
Shotwell version 0.24.4 or earlier and 0.25.3 or earlier is vulnerable to an information...
High
Unreviewed
CVE-2017-1000024 was published May 13, 2022
A vulnerability in the auto discovery phase of Cisco Spark Hybrid Calendar Service could allow an...
High
Unreviewed
CVE-2017-12310 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.