GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,573

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

232 advisories

Filter by severity

Sort by

Least recently updated

EspoCRM version 7.1.8 is vulnerable to Missing Secure Flag allowing the browser to send plain... Moderate Unreviewed

CVE-2022-38846 was published Sep 17, 2022

The Trend Controls IC protocol through 2022-05-06 allows Cleartext Transmission of Sensitive... Moderate Unreviewed

CVE-2022-30312 was published Sep 8, 2022

Softing Secure Integration Server V1.22 is vulnerable to authentication bypass via a machine-in... Moderate Unreviewed

CVE-2022-2338 was published Aug 18, 2022

In Core Utilities, there is a possible log information disclosure. This could lead to local... Moderate Unreviewed

CVE-2022-20243 was published Aug 12, 2022

Windows Defender Credential Guard Information Disclosure Vulnerability. This CVE ID is unique... Moderate Unreviewed

CVE-2022-34704 was published Aug 10, 2022

Cleartext transmission of sensitive information vulnerability in authentication management in... Moderate Unreviewed

CVE-2022-27619 was published Aug 4, 2022

The server in Citilog 8.0 allows an attacker (in a man in the middle position between the server... Moderate Unreviewed

CVE-2022-28861 was published Jul 22, 2022

A vulnerability classified as problematic was found in Teleopti WFM up to 7.1.0. Affected by this... Moderate Unreviewed

CVE-2017-20109 was published Jun 30, 2022

LRM version 2.4 and lower does not implement TLS encryption. A malicious actor can MITM attack... Moderate Unreviewed

CVE-2022-1524 was published Jun 25, 2022

An issue was discovered in the IGEL Universal Management Suite (UMS) 6.07.100. The transmission... Moderate Unreviewed

CVE-2022-25805 was published Jun 10, 2022

Using its HSTS support, curl can be instructed to use HTTPS directly insteadof using an insecure... Moderate Unreviewed

CVE-2022-30115 was published Jun 3, 2022

Delta Controls enteliTOUCH 3.40.3935, 3.40.3706, and 3.33.4005 was discovered to transmit and... Moderate Unreviewed

CVE-2022-29733 was published Jun 3, 2022

This advisory documents the impact of an internally found vulnerability in Arista EOS state... Moderate Unreviewed

CVE-2021-28508 was published May 27, 2022

This advisory documents the impact of an internally found vulnerability in Arista EOS state... Moderate Unreviewed

CVE-2021-28509 was published May 27, 2022

The affected product is vulnerable to cookie information being transmitted as cleartext over HTTP... Moderate Unreviewed

CVE-2021-42699 was published May 24, 2022

The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to view... Moderate Unreviewed

CVE-2020-35456 was published May 24, 2022

IBM API Connect 5.0.0.0 through 5.0.8.6 could allow an unauthorized user to obtain sensitive... Moderate Unreviewed

CVE-2019-4382 was published May 24, 2022

Some device communications in some Motorola-branded Binatone Hubble Cameras with backend Hubble... Moderate Unreviewed

CVE-2021-3792 was published May 24, 2022

An issue was discovered in the RCDevs OpenOTP app 1.4.13 and 1.4.14 for iOS. If it is installed... Moderate Unreviewed

CVE-2021-42111 was published May 24, 2022

IBM QRadar Network Security 5.4.0 and 5.5.0 transmits sensitive or security-critical data in... Moderate Unreviewed

CVE-2020-4152 was published May 24, 2022

IBM Business Automation Workflow 18. 19, 20, 21, and IBM Business Process Manager 8.5 and d8.6... Moderate Unreviewed

CVE-2021-29753 was published May 24, 2022

Meross Smart Wi-Fi 2 Way Wall Switch (MSS550X), on its 3.1.3 version and before, creates an open... Moderate Unreviewed

CVE-2021-3774 was published May 24, 2022

Delta Electronics DIALink versions 1.2.4.0 and prior runs by default on HTTP, which may allow an... Moderate Unreviewed

CVE-2021-38418 was published May 24, 2022

In all versions of GitLab CE/EE, provided a user ID, anonymous users can use a few endpoints to... Moderate Unreviewed

CVE-2021-39882 was published May 24, 2022

The Credova_Financial WordPress plugin discloses a site's associated Credova API account username... Moderate Unreviewed

CVE-2021-39342 was published May 24, 2022

Previous 1 2 3 4 5 6 … 9 10 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

232 advisories