Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,360
Erlang
33
GitHub Actions
22
Go
2,127
Maven
5,000+
npm
3,793
NuGet
683
pip
3,471
Pub
12
RubyGems
894
Rust
894
Swift
38
Unreviewed advisories
All unreviewed
5,000+

560 advisories

Loading
On BIG-IP 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, SNMP may expose... Moderate Unreviewed
CVE-2019-6613 was published May 24, 2022
Cloud Foundry cf-deployment, versions prior to 7.9.0, contain java components that are using an... Critical Unreviewed
CVE-2019-3801 was published May 24, 2022
A cleartext transmission of sensitive information vulnerability in Fortinet FortiManager 5.2.0... High Unreviewed
CVE-2018-1360 was published May 24, 2022
Pivotal Apps Manager Release, versions 665.0.x prior to 665.0.28, versions 666.0.x prior to 666.0... Critical Unreviewed
CVE-2019-3793 was published May 24, 2022
A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P850 (All... High Unreviewed
CVE-2022-29874 was published May 21, 2022
The affected ThroughTek P2P products (SDKs using versions before 3.1.5, any versions with nossl... High Unreviewed
CVE-2021-32934 was published May 20, 2022
Cleartext transmission of sensitive information. The following products are affected: Acronis... High Unreviewed
CVE-2022-30994 was published May 19, 2022
Cleartext transmission of sensitive information. The following products are affected: Acronis... High Unreviewed
CVE-2022-30993 was published May 19, 2022
Setuptools vulnerable to Man-in-the-middle attacks High
CVE-2013-1633 was published for setuptools (pip) May 17, 2022
There is a SRTP icon display vulnerability in Huawei eSpace product. An unauthenticated, remote... High Unreviewed
CVE-2018-7960 was published May 13, 2022
In /usr/local/etc/config/addons/mh/loopupd.sh on eQ-3 AG HomeMatic CCU2 2.29.22 devices, software... High Unreviewed
CVE-2018-7298 was published May 13, 2022
The FSX / P3Dv4 installer 2.0.1.231 for Flight Sim Labs A320-X sends a user's Google account... Critical Unreviewed
CVE-2018-7259 was published May 13, 2022
A cleartext transmission of sensitive information vulnerability exists in Schneider Electric's... Critical Unreviewed
CVE-2018-7246 was published May 13, 2022
Unencrypted way of remote control and communications in Hanwha Techwin Smartcams Critical Unreviewed
CVE-2018-6295 was published May 13, 2022
Samsung Display Solutions App before 3.02 for Android allows man-in-the-middle attackers to spoof... Moderate Unreviewed
CVE-2018-6019 was published May 13, 2022
Fixed sizes of HTTPS responses in Tinder iOS app and Tinder Android app allow an attacker to... Critical Unreviewed
CVE-2018-6018 was published May 13, 2022
Unencrypted transmission of images in Tinder iOS app and Tinder Android app allows an attacker to... Critical Unreviewed
CVE-2018-6017 was published May 13, 2022
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10... High Unreviewed
CVE-2018-4227 was published May 13, 2022
The Google Cardboard application 1.8 for Android and 1.2 for iOS sends potentially private... Moderate Unreviewed
CVE-2018-19111 was published May 13, 2022
The Sky Go Desktop application 1.0.19-1 through 1.0.23-1 for Windows performs several requests... Moderate Unreviewed
CVE-2018-18908 was published May 13, 2022
An issue was discovered in the Daimler Mercedes-Benz Me app 2.11.0-846 for iOS. The encrypted... High Unreviewed
CVE-2018-18071 was published May 13, 2022
An issue was discovered in the MensaMax (aka com.breustedt.mensamax) application 4.3 for Android.... High Unreviewed
CVE-2018-15752 was published May 13, 2022
The IIOP OpenJDK Subsystem in WildFly before version 14.0.0 does not honour configuration when... Moderate Unreviewed
CVE-2018-14627 was published May 13, 2022
Druide Antidote through 9.5.1 on Windows and Linux allows remote code execution through the... High Unreviewed
CVE-2018-13140 was published May 13, 2022
Missing certificate validation in Apache JMeter Critical
CVE-2018-1297 was published for org.apache.jmeter:ApacheJMeter (Maven) May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database