GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
531 advisories
Filter by severity
The Themes App Honor 8 Lite Huawei mobile phones with software of versions before Prague...
Moderate
Unreviewed
CVE-2017-8154
was published
May 13, 2022
An issue was discovered on OnePlus One, X, 2, 3, and 3T devices. Due to a lenient updater-script...
Moderate
Unreviewed
CVE-2017-8850
was published
May 13, 2022
An issue was discovered on OnePlus One and X devices. Due to a lenient updater-script on the...
Moderate
Unreviewed
CVE-2017-8851
was published
May 13, 2022
Dell EMC NetWorker versions between 9.0 and 9.1.1.8 through 9.2.1.3, and the version 18.1.0.1...
High
Unreviewed
CVE-2018-11050
was published
May 13, 2022
Intuit Lacerte 2017 for Windows in a client/server environment transfers the entire customer list...
High
Unreviewed
CVE-2018-11338
was published
May 13, 2022
SimpliSafe Original has Unencrypted Sensor Transmissions, which allows physically proximate...
Moderate
Unreviewed
CVE-2018-11399
was published
May 13, 2022
SimpliSafe Original has Unencrypted Keypad Transmissions, which allows physically proximate...
Moderate
Unreviewed
CVE-2018-11402
was published
May 13, 2022
An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The data packets that are sent...
Moderate
Unreviewed
CVE-2018-11477
was published
May 13, 2022
An issue was discovered on D-Link DIR-601 2.02NA devices. Being local to the network and having...
High
Unreviewed
CVE-2018-12710
was published
May 13, 2022
The SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B)...
Moderate
Unreviewed
CVE-2018-12674
was published
May 13, 2022
Missing certificate validation in Apache JMeter
Critical
CVE-2018-1297
was published
for
org.apache.jmeter:ApacheJMeter
(Maven)
May 13, 2022
Druide Antidote through 9.5.1 on Windows and Linux allows remote code execution through the...
High
Unreviewed
CVE-2018-13140
was published
May 13, 2022
The IIOP OpenJDK Subsystem in WildFly before version 14.0.0 does not honour configuration when...
Moderate
Unreviewed
CVE-2018-14627
was published
May 13, 2022
An issue was discovered in the MensaMax (aka com.breustedt.mensamax) application 4.3 for Android....
High
Unreviewed
CVE-2018-15752
was published
May 13, 2022
An issue was discovered in the Daimler Mercedes-Benz Me app 2.11.0-846 for iOS. The encrypted...
High
Unreviewed
CVE-2018-18071
was published
May 13, 2022
The Sky Go Desktop application 1.0.19-1 through 1.0.23-1 for Windows performs several requests...
Moderate
Unreviewed
CVE-2018-18908
was published
May 13, 2022
The Google Cardboard application 1.8 for Android and 1.2 for iOS sends potentially private...
Moderate
Unreviewed
CVE-2018-19111
was published
May 13, 2022
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10...
High
Unreviewed
CVE-2018-4227
was published
May 13, 2022
Unencrypted transmission of images in Tinder iOS app and Tinder Android app allows an attacker to...
Critical
Unreviewed
CVE-2018-6017
was published
May 13, 2022
Fixed sizes of HTTPS responses in Tinder iOS app and Tinder Android app allow an attacker to...
Critical
Unreviewed
CVE-2018-6018
was published
May 13, 2022
Samsung Display Solutions App before 3.02 for Android allows man-in-the-middle attackers to spoof...
Moderate
Unreviewed
CVE-2018-6019
was published
May 13, 2022
Unencrypted way of remote control and communications in Hanwha Techwin Smartcams
Critical
Unreviewed
CVE-2018-6295
was published
May 13, 2022
The FSX / P3Dv4 installer 2.0.1.231 for Flight Sim Labs A320-X sends a user's Google account...
Critical
Unreviewed
CVE-2018-7259
was published
May 13, 2022
A cleartext transmission of sensitive information vulnerability exists in Schneider Electric's...
Critical
Unreviewed
CVE-2018-7246
was published
May 13, 2022
In /usr/local/etc/config/addons/mh/loopupd.sh on eQ-3 AG HomeMatic CCU2 2.29.22 devices, software...
High
Unreviewed
CVE-2018-7298
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API