GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,706
Erlang: 34
GitHub Actions: 28
Go: 2,292
Maven: 5,000+
npm: 3,942
NuGet: 708
pip: 3,711
Pub: 12
RubyGems: 919
Rust: 959
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
135 advisories

IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, and 10.4.1 does not set the secure attribute on...
Moderate | Unreviewed | CVE-2019-4171 was published May 24, 2022

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). An...
Moderate | Unreviewed | CVE-2019-13922 was published May 24, 2022

In situations where an attacker receives automated notification of the success or failure of a...
Moderate | Unreviewed | CVE-2019-1563 was published May 24, 2022

Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel...
Moderate | Unreviewed | CVE-2019-1547 was published May 24, 2022

In Kofax Front Office Server Administration Console 4.1.1.11.0.5212, some fields, such as...
Moderate | Unreviewed | CVE-2018-17287 was published May 24, 2022

A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 ...
Moderate | Unreviewed | CVE-2022-24045 was published May 21, 2022

The VMware Content Locker for iOS prior to 4.14 contains a data protection vulnerability in the...
Moderate | Unreviewed | CVE-2018-6976 was published May 13, 2022

The AirWatch Agent for iOS prior to 5.8.1 contains a data protection vulnerability whereby the...
Moderate | Unreviewed | CVE-2018-6975 was published May 13, 2022

NetApp SnapCenter Server prior to 4.1 does not set the secure flag for a sensitive cookie in an...
Moderate | Unreviewed | CVE-2018-5482 was published May 13, 2022

Plaintext of decrypted emails can leak through by user submitting an embedded form. This...
Moderate | Unreviewed | CVE-2018-5185 was published May 13, 2022

A vulnerability has been identified in SIMATIC WinCC OA Operator iOS App (All versions < V1.4)....
Moderate | Unreviewed | CVE-2018-4847 was published May 13, 2022

A Malformed Input String to /cgi-bin/api-get_line_status on Grandstream GXP16xx VoIP 1.0.4.128...
Moderate | Unreviewed | CVE-2018-17563 was published May 13, 2022

The Google I/O 2017 application before 5.1.4 for Android downloads multiple .json files from http...
Moderate | Unreviewed | CVE-2017-9045 was published May 13, 2022

FusionSphere OpenStack with software V100R006C00SPC102(NFV) and V100R006C10 have an information...
Moderate | Unreviewed | CVE-2017-8168 was published May 13, 2022

In PostgreSQL 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6...
Moderate | Unreviewed | CVE-2017-7485 was published May 13, 2022

The L2TP Client in MikroTik RouterOS versions 6.83.3 and 6.37.4 does not enable IPsec encryption...
Moderate | Unreviewed | CVE-2017-6297 was published May 13, 2022

** DISPUTED ** HikVision Wi-Fi IP cameras, when used in a wired configuration, allow physically...
Moderate | Unreviewed | CVE-2017-14953 was published May 13, 2022

** DISPUTED ** Facebook WhatsApp Messenger before 2.16.323 for Android uses the SD card for...
Moderate | Unreviewed | CVE-2017-8769 was published May 13, 2022

Boston Scientific ZOOM LATITUDE PRM Model 3120 does not encrypt PHI at rest. CVSS v3 base score:...
Moderate | Unreviewed | CVE-2017-14012 was published May 13, 2022

IBM Cloud Private 3.1.1 could allow a local user with administrator privileges to intercept...
Moderate | Unreviewed | CVE-2018-1937 was published May 13, 2022

IBM Cloud Private 3.1.1 could allow a local user with administrator privileges to intercept...
Moderate | Unreviewed | CVE-2018-1938 was published May 13, 2022

In Elasticsearch versions 6.0.0-beta1 to 6.2.4 a disclosure flaw was found in the _snapshot API....
Moderate | Unreviewed | CVE-2018-3826 was published May 13, 2022

A vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All...
Moderate | Unreviewed | CVE-2018-4855 was published May 13, 2022

Medtronic N'Vision Clinician Programmer 8840 N'Vision Clinician Programmer, all versions, and...
Moderate | Unreviewed | CVE-2018-8849 was published May 13, 2022

An issue was discovered on ABUS Secvest wireless alarm system FUAA50000 3.01.01 in conjunction...
Moderate | Unreviewed | CVE-2019-9862 was published May 13, 2022

ProTip! Advisories are also available from the GraphQL API.