GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
275 advisories
In Claws Mail 3.14.1, an attacker in possession of S/MIME or PGP encrypted emails can wrap them...
Moderate
Unreviewed
CVE-2019-10735 was published May 13, 2022
UCWeb UC Browser 7.0.185.1002 on Windows uses HTTP for downloading certain PDF modules, which...
Moderate
Unreviewed
CVE-2019-10250 was published May 13, 2022
The Help feature in the ES File Explorer File Manager application 4.1.9.7.4 for Android allows...
Moderate
Unreviewed
CVE-2019-8345 was published May 13, 2022
The Conexus telemetry protocol utilized within Medtronic MyCareLink Monitor versions 24950 and...
Moderate
Unreviewed
CVE-2019-6540 was published May 13, 2022
In KDE KMail 5.2.3, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as...
Moderate
Unreviewed
CVE-2019-10732 was published May 13, 2022
In Roundcube Webmail before 1.3.10, an attacker in possession of S/MIME or PGP encrypted emails...
Moderate
Unreviewed
CVE-2019-10740 was published May 4, 2022
Softing Secure Integration Server V1.22 is vulnerable to authentication bypass via a machine-in...
Moderate
Unreviewed
CVE-2022-2338 was published Aug 18, 2022
InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version...
Moderate
Unreviewed
CVE-2023-22597 was published Jan 13, 2023
Lazy Mouse allows an attacker (in a man in the middle position between the server and a connected...
Moderate
Unreviewed
CVE-2022-45483 was published Dec 2, 2022
PC Keyboard WiFi & Bluetooth allows an attacker (in a man-in-the-middle position between the...
Moderate
Unreviewed
CVE-2022-45480 was published Dec 2, 2022
IBM API Connect 5.0.0.0 through 5.0.8.6 could allow an unauthorized user to obtain sensitive...
Moderate
Unreviewed
CVE-2019-4382 was published May 24, 2022
pam_ldap and nss_ldap, when used with OpenLDAP and connecting to a slave using TLS, does not use...
Moderate
Unreviewed
CVE-2005-2069 was published May 1, 2022
The affected product is vulnerable to cookie information being transmitted as cleartext over HTTP...
Moderate
Unreviewed
CVE-2021-42699 was published May 24, 2022
The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to view...
Moderate
Unreviewed
CVE-2020-35456 was published May 24, 2022
IBM QRadar Network Security 5.4.0 and 5.5.0 transmits sensitive or security-critical data in...
Moderate
Unreviewed
CVE-2020-4152 was published May 24, 2022
Some device communications in some Motorola-branded Binatone Hubble Cameras with backend Hubble...
Moderate
Unreviewed
CVE-2021-3792 was published May 24, 2022
IBM Business Automation Workflow 18, 19, 20, 21, and IBM Business Process Manager 8.5 and 8.6...
Moderate
Unreviewed
CVE-2021-29753 was published May 24, 2022
Delta Electronics DIALink versions 1.2.4.0 and prior runs by default on HTTP, which may allow an...
Moderate
Unreviewed
CVE-2021-38418 was published May 24, 2022
In all versions of GitLab CE/EE, provided a user ID, anonymous users can use a few endpoints to...
Moderate
Unreviewed
CVE-2021-39882 was published May 24, 2022
IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) does not set the...
Moderate
Unreviewed
CVE-2021-29769 was published May 24, 2022
Cleartext Transmission of Sensitive Information vulnerability in the administrator interface of...
Moderate
Unreviewed
CVE-2021-23896 was published May 24, 2022
When using http protocol, the user password is transmitted as a clear text parameter for which it...
Moderate
Unreviewed
CVE-2021-23846 was published May 24, 2022
An issue was discovered in the eGeeTouch 3rd Generation Travel Padlock application for Android....
Moderate
Unreviewed
CVE-2021-44518 was published Dec 3, 2021
Local File Inclusion vulnerability in Ab Initio Control>Center before 4.0.2.6 allows remote...
Moderate
Unreviewed
CVE-2021-33408 was published May 24, 2022
An issue was discovered in Couchbase Server 6.x through 6.6.1. The Couchbase Server UI is...
Moderate
Unreviewed
CVE-2021-27924 was published May 24, 2022