GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
275 advisories
Filter by severity
Agenzia delle Entrate Desktop Telematico 1.0.0 contacts the jws.agenziaentrate.it server over...
Moderate
Unreviewed
CVE-2021-3003
was published
May 24, 2022
An internal product security audit of Lenovo XClarity Administrator (LXCA) prior to version 3.1.0...
Moderate
Unreviewed
CVE-2020-8355
was published
May 24, 2022
There is an Information Disclosure vulnerability in Huawei Smartphone. Successful exploitation of...
Moderate
Unreviewed
CVE-2021-22325
was published
May 24, 2022
An issue was discovered in Couchbase Server 5.x and 6.x before 6.5.2 and 6.6.x before 6.6.2....
Moderate
Unreviewed
CVE-2021-25643
was published
May 24, 2022
A smart proxy that provides a restful API to various sub-systems of the Foreman is affected by...
Moderate
Unreviewed
CVE-2021-3494
was published
May 24, 2022
IBM Emptoris Strategic Supply Management 10.1.0, 10.1.1, and 10.1.3 transmits sensitive...
Moderate
Unreviewed
CVE-2020-4893
was published
May 24, 2022
An internal product security audit of LXCO, prior to version 1.2.2, discovered that credentials...
Moderate
Unreviewed
CVE-2021-3417
was published
May 24, 2022
An internal product security audit of LXCO, prior to version 1.2.2, discovered that optional...
Moderate
Unreviewed
CVE-2020-8356
was published
May 24, 2022
Cleartext transmission of sensitive information vulnerability in synoagentregisterd in Synology...
Moderate
Unreviewed
CVE-2021-26560
was published
May 24, 2022
Cleartext transmission of sensitive information vulnerability in synorelayd in Synology...
Moderate
Unreviewed
CVE-2021-26565
was published
May 24, 2022
BigFix Inventory up to v10.0.2 does not set the secure flag for the session cookie in an https...
Moderate
Unreviewed
CVE-2020-14248
was published
May 24, 2022
Cleartext transmission of sensitive information vulnerability in synorelayd in Synology...
Moderate
Unreviewed
CVE-2021-26564
was published
May 24, 2022
IBM Security Identity Governance and Intelligence 5.2.6 could allow a remote attacker to obtain...
Moderate
Unreviewed
CVE-2020-4969
was published
May 24, 2022
Cleartext transmission of sensitive information in Agora Video SDK prior to 3.1 allows a remote...
Moderate
Unreviewed
CVE-2020-25605
was published
May 24, 2022
An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P,...
Moderate
Unreviewed
CVE-2020-29055
was published
May 24, 2022
Cleartext transmission of sensitive information vulnerability in DDNS in Synology Router Manager ...
Moderate
Unreviewed
CVE-2020-27657
was published
May 24, 2022
Cleartext transmission of sensitive information vulnerability in DDNS in Synology DiskStation...
Moderate
Unreviewed
CVE-2020-27656
was published
May 24, 2022
Quick Heal Total Security before version 19.0 transmits quarantine and sysinfo files via clear text.
Moderate
Unreviewed
CVE-2020-27586
was published
May 24, 2022
An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1...
Moderate
Unreviewed
CVE-2020-29380
was published
May 24, 2022
UPNP Service listening on port 5555 in Genexis Platinum 4410 Router V2.1 has an action ...
Moderate
Unreviewed
CVE-2020-25988
was published
May 24, 2022
In certain Secustation products the administrator account password can be read. This affects V2.5...
Moderate
Unreviewed
CVE-2022-40939
was published
Dec 8, 2022
A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such...
Moderate
Unreviewed
CVE-2020-1749
was published
May 24, 2022
An issue was discovered in Gradle Enterprise before 2020.2.5. Lack of the secure attribute on the...
Moderate
Unreviewed
CVE-2020-15767
was published
May 24, 2022
NCR SelfServ ATMs running APTRA XFS 05.01.00 do not encrypt, authenticate, or verify the...
Moderate
Unreviewed
CVE-2020-10124
was published
May 24, 2022
u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead...
Moderate
Unreviewed
CVE-2020-3702
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API