Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
666
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

238 advisories

Loading
An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue... Moderate Unreviewed
CVE-2017-2412 was published May 13, 2022
An issue was discovered in Enigmail before 1.9.9. A remote attacker can obtain cleartext content... Moderate Unreviewed
CVE-2017-17844 was published May 13, 2022
An unintended cleartext issue exists in Go before 1.8.4 and 1.9.x before 1.9.1. RFC 4954 requires... Moderate Unreviewed
CVE-2017-15042 was published May 13, 2022
IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) transmits sensitive or security... Moderate Unreviewed
CVE-2017-1232 was published May 13, 2022
Abbott Laboratories Accent and Anthem pacemakers manufactured prior to Aug 28, 2017 transmit... Moderate Unreviewed
CVE-2017-12716 was published May 13, 2022
An Information Exposure issue was discovered in ProMinent MultiFLEX M10a Controller web interface... Moderate Unreviewed
CVE-2017-14009 was published May 13, 2022
A vulnerability in the detection engine of Cisco Firepower System Software could allow an... Moderate Unreviewed
CVE-2018-0281 was published May 13, 2022
A vulnerability in the detection engine of Cisco Firepower System Software could allow an... Moderate Unreviewed
CVE-2018-0283 was published May 13, 2022
Medtronic MMT 508 MiniMed insulin pump, 522 / MMT - 722 Paradigm REAL-TIME, 523 / MMT - 723... Moderate Unreviewed
CVE-2018-10634 was published May 13, 2022
The Auto-Maskin DCU 210E, RP-210E, and Marine Pro Observer Android App transmit sensitive or... Moderate Unreviewed
CVE-2018-5401 was published May 13, 2022
A Cleartext Transmission of Sensitive Information issue was discovered in Belden Hirschmann RS,... Moderate Unreviewed
CVE-2018-5471 was published May 13, 2022
translate/translate_manager.cc in Google Chrome before 17.0.963.56 and 19.x before 19.0.1036.7... Moderate Unreviewed
CVE-2011-3022 was published May 13, 2022
The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local... Moderate Unreviewed
CVE-2019-5489 was published May 13, 2022
IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 Standard Edition could allow highly sensitive... Moderate Unreviewed
CVE-2019-4063 was published May 13, 2022
The QBee MultiSensor Camera through 4.16.4 accepts unencrypted network traffic from clients (such... Moderate Unreviewed
CVE-2018-16225 was published May 13, 2022
IBM i2 Enterprise Insight Analysis 2.1.7 could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2018-1525 was published May 13, 2022
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow a remote attacker to obtain... Moderate Unreviewed
CVE-2018-1454 was published May 13, 2022
The Help feature in the ES File Explorer File Manager application 4.1.9.7.4 for Android allows... Moderate Unreviewed
CVE-2019-8345 was published May 13, 2022
The UCWeb UC Browser application through 2019-03-26 for Android uses HTTP to download certain... Moderate Unreviewed
CVE-2019-10251 was published May 13, 2022
UCWeb UC Browser 7.0.185.1002 on Windows uses HTTP for downloading certain PDF modules, which... Moderate Unreviewed
CVE-2019-10250 was published May 13, 2022
In KDE Trojita 0.7, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as... Moderate Unreviewed
CVE-2019-10734 was published May 13, 2022
In Claws Mail 3.14.1, an attacker in possession of S/MIME or PGP encrypted emails can wrap them... Moderate Unreviewed
CVE-2019-10735 was published May 13, 2022
The Conexus telemetry protocol utilized within Medtronic MyCareLink Monitor versions 24950 and... Moderate Unreviewed
CVE-2019-6540 was published May 13, 2022
In KDE KMail 5.2.3, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as... Moderate Unreviewed
CVE-2019-10732 was published May 13, 2022
In Roundcube Webmail before 1.3.10, an attacker in possession of S/MIME or PGP encrypted emails... Moderate Unreviewed
CVE-2019-10740 was published May 4, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database