Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

232 advisories

Loading
An issue was discovered in the eGeeTouch 3rd Generation Travel Padlock application for Android.... Moderate Unreviewed
CVE-2021-44518 was published Dec 3, 2021
An issue was discovered in Luna Simo PPR1.180610.011/202001031830. It sends the following... Moderate Unreviewed
CVE-2021-41849 was published Mar 13, 2022
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in ISS BlackICE PC Protection. It has... Moderate Unreviewed
CVE-2003-5002 was published Mar 29, 2022
An issue was discovered in Softwarebuero Zauner ARC 4.2.0.4. There is Cleartext Transmission of... Moderate Unreviewed
CVE-2021-45894 was published Apr 6, 2022
mysql-gui-tools (mysql-query-browser and mysql-admin) before 5.0r14+openSUSE-2.3 exposes the... Moderate Unreviewed
CVE-2010-4177 was published Apr 21, 2022
Pidgin 2.10.0 uses DBUS for certain cleartext communication, which allows local users to obtain... Moderate Unreviewed
CVE-2012-1257 was published Apr 23, 2022
DameWare Mini Remote Control 3.x before 3.74 and 4.x before 4.2 transmits the Blowfish encryption... Moderate Unreviewed
CVE-2004-1852 was published Apr 29, 2022
The Network Attached Storage (NAS) Administration Web Page for Iomega NAS A300U transmits... Moderate Unreviewed
CVE-2002-1949 was published Apr 30, 2022
pam_ldap and nss_ldap, when used with OpenLDAP and connecting to a slave using TLS, does not use... Moderate Unreviewed
CVE-2005-2069 was published May 1, 2022
Procom NetFORCE 800 4.02 M10 Build 20 and possibly other versions sends the NIS password map ... Moderate Unreviewed
CVE-2005-3140 was published May 1, 2022
Cisco Adaptive Security Appliance (ASA) running PIX 7.0 before 7.0.7.1, 7.1 before 7.1.2.61, 7.2... Moderate Unreviewed
CVE-2007-4786 was published May 1, 2022
EMC Dantz Retrospect Backup Client 7.5.116 sends the password hash in cleartext at an unspecified... Moderate Unreviewed
CVE-2008-3289 was published May 1, 2022
Joomla! 1.5.8 does not set the secure flag for the session cookie in an https session, which... Moderate Unreviewed
CVE-2008-4122 was published May 2, 2022
In Roundcube Webmail before 1.3.10, an attacker in possession of S/MIME or PGP encrypted emails... Moderate Unreviewed
CVE-2019-10740 was published May 4, 2022
In KDE KMail 5.2.3, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as... Moderate Unreviewed
CVE-2019-10732 was published May 13, 2022
The Conexus telemetry protocol utilized within Medtronic MyCareLink Monitor versions 24950 and... Moderate Unreviewed
CVE-2019-6540 was published May 13, 2022
UCWeb UC Browser 7.0.185.1002 on Windows uses HTTP for downloading certain PDF modules, which... Moderate Unreviewed
CVE-2019-10250 was published May 13, 2022
The UCWeb UC Browser application through 2019-03-26 for Android uses HTTP to download certain... Moderate Unreviewed
CVE-2019-10251 was published May 13, 2022
In KDE Trojita 0.7, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as... Moderate Unreviewed
CVE-2019-10734 was published May 13, 2022
In Claws Mail 3.14.1, an attacker in possession of S/MIME or PGP encrypted emails can wrap them... Moderate Unreviewed
CVE-2019-10735 was published May 13, 2022
The Help feature in the ES File Explorer File Manager application 4.1.9.7.4 for Android allows... Moderate Unreviewed
CVE-2019-8345 was published May 13, 2022
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow a remote attacker to obtain... Moderate Unreviewed
CVE-2018-1454 was published May 13, 2022
IBM i2 Enterprise Insight Analysis 2.1.7 could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2018-1525 was published May 13, 2022
The QBee MultiSensor Camera through 4.16.4 accepts unencrypted network traffic from clients (such... Moderate Unreviewed
CVE-2018-16225 was published May 13, 2022
IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 Standard Edition could allow highly sensitive... Moderate Unreviewed
CVE-2019-4063 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database