Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,262
Erlang
31
GitHub Actions
21
Go
2,024
Maven
5,000+
npm
3,731
NuGet
662
pip
3,407
Pub
12
RubyGems
891
Rust
864
Swift
36
Unreviewed advisories
All unreviewed
5,000+

189 advisories

Loading
An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves... High Unreviewed
CVE-2017-7133 was published May 13, 2022
An issue was discovered on Dahua DHI-HCVR7216A-S3 3.210.0001.10 build 2016-06-06 devices. The... High Unreviewed
CVE-2017-6432 was published May 13, 2022
During a routine security analysis, it was found that one of the ports in Apache Impala ... High Unreviewed
CVE-2017-5652 was published May 13, 2022
IBM Integration Bus 9.0 and 10.0 transmits user credentials in plain in clear text which can be... High Unreviewed
CVE-2017-1694 was published May 13, 2022
Mirasys Video Management System (VMS) 6.x before 6.4.6, 7.x before 7.5.15, and 8.x before 8.1.1... High Unreviewed
CVE-2017-15290 was published May 13, 2022
The Vibease Wireless Remote Vibrator app for Android and the Vibease Chat app for iOS use... High Unreviewed
CVE-2017-14486 was published May 13, 2022
IBM Tivoli Monitoring Portal V6 client could allow a local attacker to gain elevated privileges... High Unreviewed
CVE-2017-1181 was published May 13, 2022
Shotwell version 0.24.4 or earlier and 0.25.3 or earlier is vulnerable to an information... High Unreviewed
CVE-2017-1000024 was published May 13, 2022
Gitlab Enterprise Edition version 10.1.0 is vulnerable to an insufficiently protected credential... High Unreviewed
CVE-2017-0925 was published May 13, 2022
A vulnerability in the auto discovery phase of Cisco Spark Hybrid Calendar Service could allow an... High Unreviewed
CVE-2017-12310 was published May 13, 2022
In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, an undocumented, root... High Unreviewed
CVE-2017-5259 was published May 13, 2022
IBM BigFix Platform 9.2 and 9.5 transmits sensitive or security-critical data in clear text in a... High Unreviewed
CVE-2018-1600 was published May 13, 2022
Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software transmits... High Unreviewed
CVE-2018-8842 was published May 13, 2022
An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. The default management application... High Unreviewed
CVE-2019-7675 was published May 13, 2022
Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows attackers to eavesdrop and tamper... High Unreviewed
CVE-2017-9035 was published May 13, 2022
The Cisco Linksys WVC54GC wireless video camera before firmware 1.25 sends cleartext... High Unreviewed
CVE-2008-4390 was published May 2, 2022
OKI C5510MFP Printer CU H2.15, PU 01.03.01, System F/W 1.01, and Web Page 1.00 sends the... High Unreviewed
CVE-2008-0374 was published May 1, 2022
An information disclosure vulnerability exists in the Web Application functionality of Moxa... High Unreviewed
CVE-2021-40392 was published Apr 15, 2022
Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 passwords are... High Unreviewed
CVE-2021-32982 was published Apr 5, 2022
Philips Vue PACS versions 12.2.x.x and prior transmits sensitive or security-critical data in... High Unreviewed
CVE-2021-33022 was published Apr 3, 2022
Delta Electronics DIAEnergie (Version 1.7.5 and prior) is vulnerable to cleartext transmission as... High Unreviewed
CVE-2022-0988 was published Mar 26, 2022
GE UR firmware versions prior to version 8.1x web server interface is supported on UR over HTTP... High Unreviewed
CVE-2021-27422 was published Mar 24, 2022
ISaGRAF Workbench communicates with Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x... High Unreviewed
CVE-2020-25178 was published Mar 19, 2022
An issue was discovered in Rhinode Trading Paints through 2.0.36. TP Updater.exe uses cleartext... High Unreviewed
CVE-2021-40846 was published Mar 5, 2022
Cleartext Transmission of Sensitive Information in /northstar/Admin/login.jsp in Northstar... High Unreviewed
CVE-2021-29397 was published Feb 9, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database