Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

263 advisories

Loading
In 3S-Smart Software Solutions GmbH CODESYS Control V3 products prior to version 3.5.14.0, user... Critical Unreviewed
CVE-2018-10612 was published May 13, 2022
Medtronic N'Vision Clinician Programmer 8840 N'Vision Clinician Programmer, all versions, and... Moderate Unreviewed
CVE-2018-10631 was published May 13, 2022
All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server do not encrypt all... Critical Unreviewed
CVE-2018-17915 was published May 13, 2022
IBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive... High Unreviewed
CVE-2018-1683 was published May 13, 2022
IBM Cloud Private 3.1.1 could alllow a local user with administrator privileges to intercept... Moderate Unreviewed
CVE-2018-1937 was published May 13, 2022
IBM Cloud Private 3.1.1 could alllow a local user with administrator privileges to intercept... Moderate Unreviewed
CVE-2018-1938 was published May 13, 2022
In Elasticsearch versions 6.0.0-beta1 to 6.2.4 a disclosure flaw was found in the _snapshot API.... Moderate Unreviewed
CVE-2018-3826 was published May 13, 2022
A vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All... Moderate Unreviewed
CVE-2018-4855 was published May 13, 2022
In Philips Alice 6 System version R8.0.2 or prior, the lack of proper data encryption passes up... Critical Unreviewed
CVE-2018-7498 was published May 13, 2022
Medtronic N'Vision Clinician Programmer 8840 N'Vision Clinician Programmer, all versions, and... Moderate Unreviewed
CVE-2018-8849 was published May 13, 2022
In ATI Systems Emergency Mass Notification Systems (HPSS16, HPSS32, MHPSS, and ALERT4000) devices... Low Unreviewed
CVE-2018-8864 was published May 13, 2022
SuperBeam through 4.1.3, when using the LAN or WiFi Direct Share feature, does not use HTTPS or... High Unreviewed
CVE-2017-17763 was published May 13, 2022
An issue was discovered on ABUS Secvest wireless alarm system FUAA50000 3.01.01 in conjunction... Moderate Unreviewed
CVE-2019-9862 was published May 13, 2022
Medtronic CareLink 2090 Programmer CareLink 9790 Programmer 29901 Encore Programmer, all versions... Moderate Unreviewed
CVE-2018-18984 was published May 13, 2022
Moxa IKS and EDS store plaintext passwords, which may allow sensitive information to be read by... High Unreviewed
CVE-2019-6518 was published May 13, 2022
Ansible Tower before version 3.3.3 does not set a secure channel as it is using the default... Critical Unreviewed
CVE-2018-16879 was published May 13, 2022
In Kaspersky Internet Security for Android 11.12.4.1622, some of the application trace files were... High Unreviewed
CVE-2017-12817 was published May 13, 2022
On iSmartAlarm cube devices, there is Incorrect Access Control because a "new key" is transmitted... High Unreviewed
CVE-2017-7729 was published May 13, 2022
GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and earlier for macOS may... Low Unreviewed
CVE-2019-1573 was published May 13, 2022
Cookie without HTTPONLY flag set. NUMBER cookie(s) was set without Secure or HTTPOnly flags. The... Moderate Unreviewed
CVE-2021-27764 was published May 7, 2022
The login_to_simulator method in Linden Lab Second Life, as used by the secondlife:// protocol... Moderate Unreviewed
CVE-2007-4961 was published May 1, 2022
Cast in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for... Moderate Unreviewed
CVE-2017-5042 was published Apr 30, 2022
DJI drone devices sold in 2017 through 2022 broadcast unencrypted information about the drone... High Unreviewed
CVE-2022-29945 was published Apr 30, 2022
The file /etc/openstack-dashboard/local_settings within Red Hat OpenStack Platform 2.0 and RHOS... Moderate Unreviewed
CVE-2012-5474 was published Apr 23, 2022
evolution-data-server3 3.0.3 through 3.2.1 used insecure (non-SSL) connection when attempting to... High Unreviewed
CVE-2011-3355 was published Apr 22, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database