Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

232 advisories

Loading
Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such... Moderate Unreviewed
CVE-2021-39272 was published May 24, 2022
When curl is instructed to get content using the metalink feature, and a user name and password... Moderate Unreviewed
CVE-2021-22923 was published May 24, 2022
IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) does not set the... Moderate Unreviewed
CVE-2021-29769 was published May 24, 2022
IBM QRadar SIEM 7.3 and 7.4 uses less secure methods for protecting data in transit between hosts... Moderate Unreviewed
CVE-2020-4980 was published May 24, 2022
iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A man in the middle can... Moderate Unreviewed
CVE-2021-34687 was published May 24, 2022
MagicMotion Flamingo 2 lacks BLE encryption, enabling data sniffing and packet forgery. Moderate Unreviewed
CVE-2020-12730 was published May 24, 2022
When using http protocol, the user password is transmitted as a clear text parameter for which it... Moderate Unreviewed
CVE-2021-23846 was published May 24, 2022
There is an Information Disclosure vulnerability in Huawei Smartphone. Successful exploitation of... Moderate Unreviewed
CVE-2021-22325 was published May 24, 2022
Cleartext Transmission of Sensitive Information vulnerability in the administrator interface of... Moderate Unreviewed
CVE-2021-23896 was published May 24, 2022
KDE Messagelib through 5.17.0 reveals cleartext of encrypted messages in some situations.... Moderate Unreviewed
CVE-2021-31855 was published May 24, 2022
Local File Inclusion vulnerability in Ab Initio Control>Center before 4.0.2.6 allows remote... Moderate Unreviewed
CVE-2021-33408 was published May 24, 2022
An issue was discovered in Couchbase Server 5.x and 6.x before 6.5.2 and 6.6.x before 6.6.2.... Moderate Unreviewed
CVE-2021-25643 was published May 24, 2022
An issue was discovered in Couchbase Server 6.5.x and 6.6.x through 6.6.1. When using the View... Moderate Unreviewed
CVE-2021-27925 was published May 24, 2022
An issue was discovered in Couchbase Server 6.x through 6.6.1. The Couchbase Server UI is... Moderate Unreviewed
CVE-2021-27924 was published May 24, 2022
SITEL CAP/PRX firmware version 5.2.01 allows an attacker with access to the local network of the... Moderate Unreviewed
CVE-2021-32456 was published May 24, 2022
Agenzia delle Entrate Desktop Telematico 1.0.0 contacts the jws.agenziaentrate.it server over... Moderate Unreviewed
CVE-2021-3003 was published May 24, 2022
A smart proxy that provides a restful API to various sub-systems of the Foreman is affected by... Moderate Unreviewed
CVE-2021-3494 was published May 24, 2022
Cleartext Transmission of Sensitive Information vulnerability in the ePO Extension of McAfee... Moderate Unreviewed
CVE-2021-23884 was published May 24, 2022
Cleartext Transmission of Sensitive Information between McAfee Endpoint Security (ENS) for... Moderate Unreviewed
CVE-2020-7308 was published May 24, 2022
An internal product security audit of LXCO, prior to version 1.2.2, discovered that credentials... Moderate Unreviewed
CVE-2021-3417 was published May 24, 2022
An internal product security audit of LXCO, prior to version 1.2.2, discovered that optional... Moderate Unreviewed
CVE-2020-8356 was published May 24, 2022
Cleartext transmission of sensitive information vulnerability in synoagentregisterd in Synology... Moderate Unreviewed
CVE-2021-26560 was published May 24, 2022
Cleartext transmission of sensitive information vulnerability in synorelayd in Synology... Moderate Unreviewed
CVE-2021-26564 was published May 24, 2022
Cleartext transmission of sensitive information vulnerability in synorelayd in Synology... Moderate Unreviewed
CVE-2021-26565 was published May 24, 2022
Cleartext transmission of sensitive information in Agora Video SDK prior to 3.1 allows a remote... Moderate Unreviewed
CVE-2020-25605 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database