Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+

189 advisories

Loading
Jenkins SourceGear Vault plugin transmits credentials in plain text High
CVE-2019-10435 was published for org.jenkins-ci.plugins:vault-scm-plugin (Maven) May 24, 2022
Cleartext Transmission of Sensitive Information in Apache MINA High
CVE-2019-0231 was published for org.apache.mina:mina-core (Maven) May 24, 2022
The Nulock application 1.5.0 for mobile devices sends a cleartext password over Bluetooth, which... High Unreviewed
CVE-2019-16924 was published May 24, 2022
The handshake protocol in Object Management Group (OMG) DDS Security 1.1 sends cleartext... High Unreviewed
CVE-2019-15135 was published May 24, 2022
One Identity Cloud Access Manager 8.1.3 does not use HTTP Strict Transport Security (HSTS), which... High Unreviewed
CVE-2019-13498 was published May 24, 2022
JetBrains Ktor framework (created using the Kotlin IDE template) versions before 1.1.0 were... High Unreviewed
CVE-2019-10102 was published May 24, 2022
IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 is missing the HTTP Strict... High Unreviewed
CVE-2019-4162 was published May 24, 2022
OnCommand Unified Manager 7-Mode prior to version 5.2.4 shipped without certain HTTP Security... High Unreviewed
CVE-2019-5494 was published May 24, 2022
Oncommand Insight versions prior to 7.3.5 shipped without certain HTTP Security headers... High Unreviewed
CVE-2019-5496 was published May 24, 2022
Potentially compromised builds High
CVE-2019-10249 was published for org.eclipse.xtend:org.eclipse.xtend.core (Maven) May 24, 2022
A cleartext transmission of sensitive information vulnerability in Fortinet FortiManager 5.2.0... High Unreviewed
CVE-2018-1360 was published May 24, 2022
A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P850 (All... High Unreviewed
CVE-2022-29874 was published May 21, 2022
The affected ThroughTek P2P products (SDKs using versions before 3.1.5, any versions with nossl... High Unreviewed
CVE-2021-32934 was published May 20, 2022
Cleartext transmission of sensitive information. The following products are affected: Acronis... High Unreviewed
CVE-2022-30994 was published May 19, 2022
Cleartext transmission of sensitive information. The following products are affected: Acronis... High Unreviewed
CVE-2022-30993 was published May 19, 2022
Setuptools vulnerable to Man-in-the-middle attacks High
CVE-2013-1633 was published for setuptools (pip) May 17, 2022
There is a SRTP icon display vulnerability in Huawei eSpace product. An unauthenticated, remote... High Unreviewed
CVE-2018-7960 was published May 13, 2022
In /usr/local/etc/config/addons/mh/loopupd.sh on eQ-3 AG HomeMatic CCU2 2.29.22 devices, software... High Unreviewed
CVE-2018-7298 was published May 13, 2022
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10... High Unreviewed
CVE-2018-4227 was published May 13, 2022
An issue was discovered in the Daimler Mercedes-Benz Me app 2.11.0-846 for iOS. The encrypted... High Unreviewed
CVE-2018-18071 was published May 13, 2022
An issue was discovered in the MensaMax (aka com.breustedt.mensamax) application 4.3 for Android.... High Unreviewed
CVE-2018-15752 was published May 13, 2022
Druide Antidote through 9.5.1 on Windows and Linux allows remote code execution through the... High Unreviewed
CVE-2018-13140 was published May 13, 2022
An issue was discovered on D-Link DIR-601 2.02NA devices. Being local to the network and having... High Unreviewed
CVE-2018-12710 was published May 13, 2022
Intuit Lacerte 2017 for Windows in a client/server environment transfers the entire customer list... High Unreviewed
CVE-2018-11338 was published May 13, 2022
Dell EMC NetWorker versions between 9.0 and 9.1.1.8 through 9.2.1.3, and the version 18.1.0.1... High Unreviewed
CVE-2018-11050 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database