GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,630
Composer 4,715
Erlang 34
GitHub Actions 28
Go 2,302
Maven 5,577
npm 3,946
NuGet 711
pip 3,716
Pub 12
RubyGems 920
Rust 964
Swift 38

Unreviewed advisories

All unreviewed 257,140

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

80 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

ECOA BAS controller stores sensitive data (backup exports) in clear-text, thus the... High Unreviewed

CVE-2021-41302 was published May 24, 2022

An issue has been identified in the CTX269106 mitigation tool for Citrix ShareFile storage zones... High Unreviewed

CVE-2021-22932 was published May 24, 2022

A vulnerability has been identified in Climatix POL909 (AWM module) (All versions < V11.34). The... High Unreviewed

CVE-2021-40366 was published May 24, 2022

A missing cryptographic step in the Identity-Based Encryption service of FortiMail before 7.0.0... High Unreviewed

CVE-2021-26100 was published May 24, 2022

Quassel through 0.13.1, when --require-ssl is enabled, launches without SSL or TLS support if a... High Unreviewed

CVE-2021-34825 was published May 24, 2022

homee Brain Cube v2 (2.28.2 and 2.28.4) devices have sensitive SSH keys within downloadable and... High Unreviewed

CVE-2020-24396 was published May 24, 2022

IBM API Connect V10 is impacted by insecure communications during database replication. As the... High Unreviewed

CVE-2020-4695 was published May 24, 2022

Sensitive information disclosure and weak encryption in Pyrescom Termod4 time management devices... High Unreviewed

CVE-2020-23162 was published May 24, 2022

Skyworth GN542VF Boa version 0.94.13 does not set the Secure flag for the session cookie in an... High Unreviewed

CVE-2020-26732 was published May 24, 2022

The encryption function of NHIServiSignAdapter fail to verify the file path input by users.... High Unreviewed

CVE-2020-25842 was published May 24, 2022

** DISPUTED ** In Solstice Pod before 3.0.3, the firmware can easily be decompiled/disassembled.... High Unreviewed

CVE-2020-35587 was published May 24, 2022

TLS-RSA cipher suites are not disabled in HCL BigFix Inventory up to v10.0.2. If TLS 2.0 and... High Unreviewed

CVE-2020-14254 was published May 24, 2022

In isSubmittable and showWarningMessagesIfAppropriate of WifiConfigController.java and... High Unreviewed

CVE-2020-27055 was published May 24, 2022

A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Easergy T300 (firmware 2... High Unreviewed

CVE-2020-28217 was published May 24, 2022

A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Easergy T300 (firmware 2... High Unreviewed

CVE-2020-28216 was published May 24, 2022

An issue existed with Siri Suggestions access to encrypted data. The issue was fixed by limiting... High Unreviewed

CVE-2020-9774 was published May 24, 2022

Synology Router Manager (SRM) before 1.2.4-8081 does not set the Secure flag for the session... High Unreviewed

CVE-2020-27651 was published May 24, 2022

An issue was discovered in Gradle Enterprise 2018.2 and Gradle Enterprise Build Cache Node 4.1.... High Unreviewed

CVE-2020-15771 was published May 24, 2022

MiR controllers across firmware versions 2.8.1.1 and before do not encrypt or protect in any way... High Unreviewed

CVE-2020-10273 was published May 24, 2022

Universal Robots control box CB 3.1 across firmware versions (tested on 1.12.1, 1.12, 1.11 and 1... High Unreviewed

CVE-2020-10267 was published May 24, 2022

An issue was discovered on Fujitsu Wireless Keyboard Set LX390 GK381 devices. Because of the lack... High Unreviewed

CVE-2019-18201 was published May 24, 2022

Search Guard versions before 23.1 had an issue that for aggregations clear text values of... High Unreviewed

CVE-2019-13419 was published May 24, 2022

JetBrains IntelliJ IDEA projects created using the Kotlin (JS Client/JVM Server) IDE Template... High Unreviewed

CVE-2019-10103 was published May 24, 2022

A vulnerability reported in Lenovo Service Bridge before version 4.1.0.1 could allow unencrypted... High Unreviewed

CVE-2019-6169 was published May 24, 2022

An issue was discovered on Moxa AWK-3121 1.14 devices. The device provides a Wi-Fi connection... High Unreviewed

CVE-2018-10694 was published May 24, 2022

Previous 1 2 3 4 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

80 advisories