Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

238 advisories

Loading
An issue was discovered in Grafana 5.4.0. Passwords for data sources used by Grafana (e.g., MySQL... Moderate Unreviewed
CVE-2019-15635 was published May 24, 2022
In Enigmail below 2.1, an attacker in possession of PGP encrypted emails can wrap them as sub... Moderate Unreviewed
CVE-2019-14664 was published May 24, 2022
A vulnerability was found in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner. Actions... Moderate Unreviewed
CVE-2019-12820 was published May 24, 2022
JetBrains Kotlin versions before 1.3.30 were resolving artifacts using an http connection during... Moderate Unreviewed
CVE-2019-10101 was published May 24, 2022
On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and... Moderate Unreviewed
CVE-2019-6640 was published May 24, 2022
A vulnerability has been identified in SIMATIC Ident MV420 family (All versions), SIMATIC Ident... Moderate Unreviewed
CVE-2019-10926 was published May 24, 2022
On BIG-IP 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, SNMP may expose... Moderate Unreviewed
CVE-2019-6613 was published May 24, 2022
Samsung Display Solutions App before 3.02 for Android allows man-in-the-middle attackers to spoof... Moderate Unreviewed
CVE-2018-6019 was published May 13, 2022
The Google Cardboard application 1.8 for Android and 1.2 for iOS sends potentially private... Moderate Unreviewed
CVE-2018-19111 was published May 13, 2022
The Sky Go Desktop application 1.0.19-1 through 1.0.23-1 for Windows performs several requests... Moderate Unreviewed
CVE-2018-18908 was published May 13, 2022
The IIOP OpenJDK Subsystem in WildFly before version 14.0.0 does not honour configuration when... Moderate Unreviewed
CVE-2018-14627 was published May 13, 2022
The SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B)... Moderate Unreviewed
CVE-2018-12674 was published May 13, 2022
An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The data packets that are sent... Moderate Unreviewed
CVE-2018-11477 was published May 13, 2022
SimpliSafe Original has Unencrypted Keypad Transmissions, which allows physically proximate... Moderate Unreviewed
CVE-2018-11402 was published May 13, 2022
SimpliSafe Original has Unencrypted Sensor Transmissions, which allows physically proximate... Moderate Unreviewed
CVE-2018-11399 was published May 13, 2022
An issue was discovered on OnePlus One and X devices. Due to a lenient updater-script on the... Moderate Unreviewed
CVE-2017-8851 was published May 13, 2022
An issue was discovered on OnePlus One, X, 2, 3, and 3T devices. Due to a lenient updater-script... Moderate Unreviewed
CVE-2017-8850 was published May 13, 2022
The Themes App Honor 8 Lite Huawei mobile phones with software of versions before Prague... Moderate Unreviewed
CVE-2017-8154 was published May 13, 2022
An issue was discovered in certain Apple products. The Apple Support app before 1.2 for iOS is... Moderate Unreviewed
CVE-2017-7147 was published May 13, 2022
An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13... Moderate Unreviewed
CVE-2017-7078 was published May 13, 2022
A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE... Moderate Unreviewed
CVE-2017-6665 was published May 13, 2022
kpac/script.cpp in KDE kio before 5.32 and kdelibs before 4.14.30 calls the PAC FindProxyForURL... Moderate Unreviewed
CVE-2017-6410 was published May 13, 2022
Dahua DHI-HCVR7216A-S3 devices with NVR Firmware 3.210.0001.10 2016-06-06, Camera Firmware 2.400... Moderate Unreviewed
CVE-2017-6341 was published May 13, 2022
An API Privilege vulnerability in Cisco TelePresence Server Software could allow an... Moderate Unreviewed
CVE-2017-3815 was published May 13, 2022
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: C API).... Moderate Unreviewed
CVE-2017-3305 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database