GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,733
Composer 4,238
Erlang 31
GitHub Actions 21
Go 2,005
Maven 5,193
npm 3,716
NuGet 661
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,746

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

531 advisories

Filter by severity

Sort by

Least recently updated

UCWeb UC Browser 7.0.185.1002 on Windows uses HTTP for downloading certain PDF modules, which... Moderate Unreviewed

CVE-2019-10250 was published May 13, 2022

In Claws Mail 3.14.1, an attacker in possession of S/MIME or PGP encrypted emails can wrap them... Moderate Unreviewed

CVE-2019-10735 was published May 13, 2022

In KDE Trojita 0.7, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as... Moderate Unreviewed

CVE-2019-10734 was published May 13, 2022

The UCWeb UC Browser application through 2019-03-26 for Android uses HTTP to download certain... Moderate Unreviewed

CVE-2019-10251 was published May 13, 2022

Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows attackers to eavesdrop and tamper... High Unreviewed

CVE-2017-9035 was published May 13, 2022

The Conexus telemetry protocol utilized within Medtronic MyCareLink Monitor versions 24950 and... Moderate Unreviewed

CVE-2019-6540 was published May 13, 2022

Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A... Critical Unreviewed

CVE-2019-6526 was published May 13, 2022

When users are configured to use startTLS with RBAC LDAP, at login time, the user's credentials... Critical Unreviewed

CVE-2018-11749 was published May 13, 2022

In KDE KMail 5.2.3, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as... Moderate Unreviewed

CVE-2019-10732 was published May 13, 2022

In Roundcube Webmail before 1.3.10, an attacker in possession of S/MIME or PGP encrypted emails... Moderate Unreviewed

CVE-2019-10740 was published May 4, 2022

The Cisco Linksys WVC54GC wireless video camera before firmware 1.25 sends cleartext... High Unreviewed

CVE-2008-4390 was published May 2, 2022

Joomla! 1.5.8 does not set the secure flag for the session cookie in an https session, which... Moderate Unreviewed

CVE-2008-4122 was published May 2, 2022

EMC Dantz Retrospect Backup Client 7.5.116 sends the password hash in cleartext at an unspecified... Moderate Unreviewed

CVE-2008-3289 was published May 1, 2022

OKI C5510MFP Printer CU H2.15, PU 01.03.01, System F/W 1.01, and Web Page 1.00 sends the... High Unreviewed

CVE-2008-0374 was published May 1, 2022

make_catalog_backup in Bacula 2.2.5, and probably earlier, sends a MySQL password as a command... Low Unreviewed

CVE-2007-5626 was published May 1, 2022

Cisco Adaptive Security Appliance (ASA) running PIX 7.0 before 7.0.7.1, 7.1 before 7.1.2.61, 7.2... Moderate Unreviewed

CVE-2007-4786 was published May 1, 2022

Procom NetFORCE 800 4.02 M10 Build 20 and possibly other versions sends the NIS password map ... Moderate Unreviewed

CVE-2005-3140 was published May 1, 2022

pam_ldap and nss_ldap, when used with OpenLDAP and connecting to a slave using TLS, does not use... Moderate Unreviewed

CVE-2005-2069 was published May 1, 2022

The Network Attached Storage (NAS) Administration Web Page for Iomega NAS A300U transmits... Moderate Unreviewed

CVE-2002-1949 was published Apr 30, 2022

DameWare Mini Remote Control 3.x before 3.74 and 4.x before 4.2 transmits the Blowfish encryption... Moderate Unreviewed

CVE-2004-1852 was published Apr 29, 2022

Pidgin 2.10.0 uses DBUS for certain cleartext communication, which allows local users to obtain... Moderate Unreviewed

CVE-2012-1257 was published Apr 23, 2022

mysql-gui-tools (mysql-query-browser and mysql-admin) before 5.0r14+openSUSE-2.3 exposes the... Moderate Unreviewed

CVE-2010-4177 was published Apr 21, 2022

An information disclosure vulnerability exists in the Web Application functionality of Moxa... High Unreviewed

CVE-2021-40392 was published Apr 15, 2022

An issue was discovered in Softwarebuero Zauner ARC 4.2.0.4. There is Cleartext Transmission of... Moderate Unreviewed

CVE-2021-45894 was published Apr 6, 2022

Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 passwords are... High Unreviewed

CVE-2021-32982 was published Apr 5, 2022

Previous 1 2 … 18 19 20 21 22 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

531 advisories