GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,270
Erlang
31
GitHub Actions
21
Go
2,046
Maven
5,000+
npm
3,737
NuGet
663
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
37 advisories
Filter by severity
NASA AIT-Core vulnerable to remote code execution
Critical
CVE-2024-35057
was published
for
ait-core
(pip)
May 21, 2024
NASA AIT-Core vulnerable to remote code execution
Critical
CVE-2024-35058
was published
for
ait-core
(pip)
May 21, 2024
Improper data protection on the ventilator's serial interface could allow an attacker to send and...
Critical
Unreviewed
CVE-2024-9834
was published
Nov 14, 2024
An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can...
Critical
Unreviewed
CVE-2024-25735
was published
Mar 27, 2024
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly...
Critical
Unreviewed
CVE-2024-38891
was published
Aug 2, 2024
NASA AIT-Core vulnerable to remote code execution
Critical
CVE-2024-35059
was published
for
ait-core
(pip)
May 21, 2024
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All...
Critical
Unreviewed
CVE-2024-30209
was published
May 14, 2024
The Customer's Tomedo Server in Version 1.7.3 communicates to the Vendor Tomedo Server via HTTP ...
Critical
Unreviewed
CVE-2019-17393
was published
May 24, 2022
Privilege Escalation in the "GetUserCurrentPwd" function in Microworld Technologies eScan...
Critical
Unreviewed
CVE-2023-33730
was published
May 31, 2023
A CWE-319: Cleartext transmission of sensitive information vulnerability exists that could
cause...
Critical
Unreviewed
CVE-2022-46680
was published
May 22, 2023
Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 does not defend against physical...
Critical
Unreviewed
CVE-2023-30354
was published
May 10, 2023
Cloud Foundry cf-deployment, versions prior to 7.9.0, contain java components that are using an...
Critical
Unreviewed
CVE-2019-3801
was published
May 24, 2022
Pivotal Apps Manager Release, versions 665.0.x prior to 665.0.28, versions 666.0.x prior to 666.0...
Critical
Unreviewed
CVE-2019-3793
was published
May 24, 2022
DELL ESI (Enterprise Storage Integrator) for SAP LAMA, version 10.0, contains an information...
Critical
Unreviewed
CVE-2023-39245
was published
Feb 15, 2024
The affected devices transmit sensitive information unencrypted allowing a remote unauthenticated...
Critical
Unreviewed
CVE-2023-39172
was published
Dec 7, 2023
The affected product is vulnerable due to cleartext transmission of credentials seen in the...
Critical
Unreviewed
CVE-2022-21798
was published
Feb 26, 2022
The vulnerability exists in TP-Link TL-WR841N V11 3.16.9 Build 160325 Rel.62500n wireless router...
Critical
Unreviewed
CVE-2022-0162
was published
Feb 11, 2022
Unencrypted transmission of images in Tinder iOS app and Tinder Android app allows an attacker to...
Critical
Unreviewed
CVE-2018-6017
was published
May 13, 2022
A cleartext transmission of sensitive information vulnerability exists in Schneider Electric's...
Critical
Unreviewed
CVE-2018-7246
was published
May 13, 2022
The FSX / P3Dv4 installer 2.0.1.231 for Flight Sim Labs A320-X sends a user's Google account...
Critical
Unreviewed
CVE-2018-7259
was published
May 13, 2022
Unencrypted way of remote control and communications in Hanwha Techwin Smartcams
Critical
Unreviewed
CVE-2018-6295
was published
May 13, 2022
Fixed sizes of HTTPS responses in Tinder iOS app and Tinder Android app allow an attacker to...
Critical
Unreviewed
CVE-2018-6018
was published
May 13, 2022
Missing certificate validation in Apache JMeter
Critical
CVE-2018-1297
was published
for
org.apache.jmeter:ApacheJMeter
(Maven)
May 13, 2022
In the "NQ Contacts Backup & Restore" application 1.1 for Android, no HTTPS is used for...
Critical
Unreviewed
CVE-2017-15999
was published
May 13, 2022
Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON...
Critical
Unreviewed
CVE-2018-8855
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API