GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,590
Composer 4,706
Erlang 34
GitHub Actions 28
Go 2,292
Maven 5,573
npm 3,942
NuGet 708
pip 3,711
Pub 12
RubyGems 919
Rust 959
Swift 38

Unreviewed advisories

All unreviewed 256,535

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

135 advisories

Filter by severity

Sort by

Least recently updated

On Juniper Networks SRX Series and NFX Series, a local authenticated user with access to the... Moderate Unreviewed

CVE-2020-1688 was published May 24, 2022

An issue was discovered in Gradle Enterprise before 2020.2.5. Lack of the secure attribute on the... Moderate Unreviewed

CVE-2020-15767 was published May 24, 2022

If Thunderbird is configured to use STARTTLS for an IMAP server, and the server sends a PREAUTH... Moderate Unreviewed

CVE-2020-12398 was published May 24, 2022

SolarWinds Serv-U File Server before 15.2.1 mishandles the Same-Site cookie attribute, aka Case... Moderate Unreviewed

CVE-2020-15574 was published May 24, 2022

Nordic Semiconductor Android BLE Library through 2.2.1 and DFU Library through 1.10.4 for Android... Moderate Unreviewed

CVE-2020-15509 was published May 24, 2022

In Argent RecoveryManager before 0xdc350d09f71c48c5D22fBE2741e4d6A03970E192, the executeRecovery... Moderate Unreviewed

CVE-2020-15302 was published May 24, 2022

If LibreOffice has an encrypted document open and crashes, that document is auto-saved encrypted.... Moderate Unreviewed

CVE-2020-12801 was published May 24, 2022

An issue was discovered in Ignite Realtime Spark 2.8.3 (and the ROAR plugin for it) on Windows. A... Moderate Unreviewed

CVE-2020-12772 was published May 24, 2022

On BIG-IP ASM 11.6.1-11.6.5.1, under certain configurations, the BIG-IP system sends data plane... Moderate Unreviewed

CVE-2020-5879 was published May 24, 2022

In JetBrains GoLand before 2019.3.2, the plugin repository was accessed via HTTP instead of HTTPS. Moderate Unreviewed

CVE-2020-11685 was published May 24, 2022

Users can lock their notes with a password in Memono version 3.8. Thus, users needs to know a... Moderate Unreviewed

CVE-2020-11826 was published May 24, 2022

A CSRF token disclosure vulnerability allows a remote attacker, with access to an authenticated... Moderate Unreviewed

CVE-2019-18376 was published May 24, 2022

Arm Mbed TLS before 2.6.15 allows attackers to obtain sensitive information (an RSA private key)... Moderate Unreviewed

CVE-2020-10941 was published May 24, 2022

NETSAS Enigma NMS 65.0.0 and prior does not encrypt sensitive data rendered within web pages. It... Moderate Unreviewed

CVE-2019-16063 was published May 24, 2022

NETSAS Enigma NMS 65.0.0 and prior does not encrypt sensitive data stored within the SQL database... Moderate Unreviewed

CVE-2019-16062 was published May 24, 2022

An issue was detected in ONAP Portal through Dublin. By executing a padding oracle attack using... Moderate Unreviewed

CVE-2019-12121 was published May 24, 2022

An issue was discovered in Wing FTP Server 6.2.5 before February 2020. Due to insecure... Moderate Unreviewed

CVE-2020-9470 was published May 24, 2022

The ADB (formerly Pirelli Broadband Solutions) P.DGA4001N router with firmware PDG_TEF_SP_4.06L.6... Moderate Unreviewed

CVE-2015-0558 was published May 24, 2022

DTEN D5 before 1.3 and D7 before 1.3 devices transfer customer data files via unencrypted HTTP. Moderate Unreviewed

CVE-2019-16274 was published May 24, 2022

wolfSSL and wolfCrypt 4.1.0 and earlier (formerly known as CyaSSL) generate biased DSA nonces.... Moderate Unreviewed

CVE-2019-14317 was published May 24, 2022

An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build... Moderate Unreviewed

CVE-2019-16672 was published May 24, 2022

The Anhui Huami Mi Fit application before 4.0.11 for Android has an Unencrypted Update Check. Moderate Unreviewed

CVE-2019-19463 was published May 24, 2022

JetBrains Toolbox before 1.15.5605 was resolving an internal URL via a cleartext http connection. Moderate Unreviewed

CVE-2019-14959 was published May 24, 2022

JetBrains IntelliJ IDEA before 2019.2 was resolving the markdown plantuml artifact download link... Moderate Unreviewed

CVE-2019-14954 was published May 24, 2022

Online upgrade information in some firmware packages of Dahua products is not encrypted.... Moderate Unreviewed

CVE-2019-9681 was published May 24, 2022

Previous 1 2 3 4 5 6 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

135 advisories