Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,714
Erlang
34
GitHub Actions
28
Go
2,297
Maven
5,000+
npm
3,942
NuGet
708
pip
3,711
Pub
12
RubyGems
920
Rust
959
Swift
38
Unreviewed advisories
All unreviewed
5,000+

238 advisories

Loading
Downloads Resources over HTTP in mystem-wrapper High
CVE-2016-10671 was published for mystem-wrapper (npm) Feb 18, 2019
Downloads Resources over HTTP in webdrvr High
CVE-2016-10601 was published for webdrvr (npm) Feb 18, 2019
Downloads Resources over HTTP in galenframework-cli High
CVE-2016-10560 was published for galenframework-cli (npm) Feb 18, 2019
Downloads Resources over HTTP in pennyworth High
CVE-2016-10619 was published for pennyworth (npm) Feb 18, 2019
Downloads Resources over HTTP in cue-sdk-node High
CVE-2016-10590 was published for cue-sdk-node (npm) Feb 18, 2019
Downloads Resources over HTTP in npm-test-sqlite3-trunk High
CVE-2016-10695 was published for npm-test-sqlite3-trunk (npm) Sep 1, 2020
Downloads Resources over HTTP in apk-parser High
CVE-2016-10564 was published for apk-parser (npm) Sep 1, 2020
Downloads Resources over HTTP in js-given High
CVE-2016-10638 was published for js-given (npm) Feb 18, 2019
Downloads Resources over HTTP in aerospike High
CVE-2016-10558 was published for aerospike (npm) Feb 18, 2019
Downloads Resources over HTTP in broccoli-closure High
CVE-2016-10635 was published for broccoli-closure (npm) Feb 18, 2019
Downloads Resources over HTTP in roslib-socketio High
CVE-2016-10681 was published for roslib-socketio (npm) Sep 1, 2020
Downloads Resources over HTTP in pm2-kafka High
CVE-2016-10693 was published for pm2-kafka (npm) Sep 1, 2020
Downloads Resources over HTTP in apk-parser3 High
CVE-2016-10574 was published for apk-parser3 (npm) Sep 1, 2020
Downloads Resources over HTTP in windows-latestchromedriver High
CVE-2016-10696 was published for windows-latestchromedriver (npm) Sep 1, 2020
Downloads Resources over HTTP in node-air-sdk High
CVE-2016-10647 was published for node-air-sdk (npm) Sep 1, 2020
selenium-binaries downloads resources over HTTP High
CVE-2016-10589 was published for selenium-binaries (npm) Feb 18, 2019
steroids downloads resources over HTTP High
CVE-2016-10581 was published for steroids (npm) Feb 18, 2019
Wokka Lokka Q50 devices through 2021-11-30 allow remote attackers (who know the SIM phone number... High Unreviewed
CVE-2021-44480 was published Dec 2, 2021
Skyworth GN542VF Boa version 0.94.13 does not set the Secure flag for the session cookie in an... High Unreviewed
CVE-2020-26732 was published May 24, 2022
A missing cryptographic step in the Identity-Based Encryption service of FortiMail before 7.0.0... High Unreviewed
CVE-2021-26100 was published May 24, 2022
Quassel through 0.13.1, when --require-ssl is enabled, launches without SSL or TLS support if a... High Unreviewed
CVE-2021-34825 was published May 24, 2022
A CWE-311: Missing Encryption of Sensitive Data vulnerability exists that could allow... High Unreviewed
CVE-2022-30237 was published Jun 3, 2022
homee Brain Cube v2 (2.28.2 and 2.28.4) devices have sensitive SSH keys within downloadable and... High Unreviewed
CVE-2020-24396 was published May 24, 2022
A vulnerability reported in Lenovo Service Bridge before version 4.1.0.1 could allow unencrypted... High Unreviewed
CVE-2019-6169 was published May 24, 2022
An issue was discovered on Fujitsu Wireless Keyboard Set LX390 GK381 devices. Because of the lack... High Unreviewed
CVE-2019-18201 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database