GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
130 advisories
Filter by severity
An issue was discovered in the eGeeTouch 3rd Generation Travel Padlock application for Android....
Moderate
Unreviewed
CVE-2021-44518
was published
Dec 3, 2021
A missing encryption of sensitive data in Fortinet FortiClientEMS version 7.0.1 and below,...
Moderate
Unreviewed
CVE-2021-36189
was published
Dec 10, 2021
Missing encryption of sensitive data vulnerability in 'MIRUPASS' PW10 firmware all versions and ...
Moderate
Unreviewed
CVE-2022-0183
was published
Jan 18, 2022
An information disclosure vulnerability exists in the Web Server functionality of Sealevel...
Moderate
Unreviewed
CVE-2021-21963
was published
Feb 9, 2022
A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions < V5.6.0), RUGGEDCOM ROS...
Moderate
Unreviewed
CVE-2021-37209
was published
Mar 9, 2022
Gradle Enterprise before 2021.4.3 relies on cleartext data transmission in some situations. It...
Moderate
Unreviewed
CVE-2022-27225
was published
Mar 17, 2022
The file /etc/openstack-dashboard/local_settings within Red Hat OpenStack Platform 2.0 and RHOS...
Moderate
Unreviewed
CVE-2012-5474
was published
Apr 23, 2022
Cast in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for...
Moderate
Unreviewed
CVE-2017-5042
was published
Apr 30, 2022
The login_to_simulator method in Linden Lab Second Life, as used by the secondlife:// protocol...
Moderate
Unreviewed
CVE-2007-4961
was published
May 1, 2022
Cookie without HTTPONLY flag set. NUMBER cookie(s) was set without Secure or HTTPOnly flags. The...
Moderate
Unreviewed
CVE-2021-27764
was published
May 7, 2022
An issue was discovered on ABUS Secvest wireless alarm system FUAA50000 3.01.01 in conjunction...
Moderate
Unreviewed
CVE-2019-9862
was published
May 13, 2022
Medtronic N'Vision Clinician Programmer 8840 N'Vision Clinician Programmer, all versions, and...
Moderate
Unreviewed
CVE-2018-8849
was published
May 13, 2022
A vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All...
Moderate
Unreviewed
CVE-2018-4855
was published
May 13, 2022
In Elasticsearch versions 6.0.0-beta1 to 6.2.4 a disclosure flaw was found in the _snapshot API....
Moderate
Unreviewed
CVE-2018-3826
was published
May 13, 2022
IBM Cloud Private 3.1.1 could alllow a local user with administrator privileges to intercept...
Moderate
Unreviewed
CVE-2018-1938
was published
May 13, 2022
IBM Cloud Private 3.1.1 could alllow a local user with administrator privileges to intercept...
Moderate
Unreviewed
CVE-2018-1937
was published
May 13, 2022
Boston Scientific ZOOM LATITUDE PRM Model 3120 does not encrypt PHI at rest. CVSS v3 base score:...
Moderate
Unreviewed
CVE-2017-14012
was published
May 13, 2022
** DISPUTED ** Facebook WhatsApp Messenger before 2.16.323 for Android uses the SD card for...
Moderate
Unreviewed
CVE-2017-8769
was published
May 13, 2022
** DISPUTED ** HikVision Wi-Fi IP cameras, when used in a wired configuration, allow physically...
Moderate
Unreviewed
CVE-2017-14953
was published
May 13, 2022
The L2TP Client in MikroTik RouterOS versions 6.83.3 and 6.37.4 does not enable IPsec encryption...
Moderate
Unreviewed
CVE-2017-6297
was published
May 13, 2022
In PostgreSQL 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6...
Moderate
Unreviewed
CVE-2017-7485
was published
May 13, 2022
FusionSphere OpenStack with software V100R006C00SPC102(NFV) and V100R006C10 have an information...
Moderate
Unreviewed
CVE-2017-8168
was published
May 13, 2022
The Google I/O 2017 application before 5.1.4 for Android downloads multiple .json files from http...
Moderate
Unreviewed
CVE-2017-9045
was published
May 13, 2022
A Malformed Input String to /cgi-bin/api-get_line_status on Grandstream GXP16xx VoIP 1.0.4.128...
Moderate
Unreviewed
CVE-2018-17563
was published
May 13, 2022
A vulnerability has been identified in SIMATIC WinCC OA Operator iOS App (All versions < V1.4)....
Moderate
Unreviewed
CVE-2018-4847
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API