Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

320 advisories

Loading
An unintended cleartext issue exists in Go before 1.8.4 and 1.9.x before 1.9.1. RFC 4954 requires... Moderate Unreviewed
CVE-2017-15042 was published May 13, 2022
IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) transmits sensitive or security... Moderate Unreviewed
CVE-2017-1232 was published May 13, 2022
Abbott Laboratories Accent and Anthem pacemakers manufactured prior to Aug 28, 2017 transmit... Moderate Unreviewed
CVE-2017-12716 was published May 13, 2022
An Information Exposure issue was discovered in ProMinent MultiFLEX M10a Controller web interface... Moderate Unreviewed
CVE-2017-14009 was published May 13, 2022
The client-forwarder in Elastic Cloud Enterprise versions prior to 1.0.2 do not properly encrypt... Moderate Unreviewed
CVE-2017-8444 was published May 13, 2022
A vulnerability in the detection engine of Cisco Firepower System Software could allow an... Moderate Unreviewed
CVE-2018-0281 was published May 13, 2022
A vulnerability in the detection engine of Cisco Firepower System Software could allow an... Moderate Unreviewed
CVE-2018-0283 was published May 13, 2022
Medtronic MMT 508 MiniMed insulin pump, 522 / MMT - 722 Paradigm REAL-TIME, 523 / MMT - 723... Moderate Unreviewed
CVE-2018-10634 was published May 13, 2022
The Auto-Maskin DCU 210E, RP-210E, and Marine Pro Observer Android App transmit sensitive or... Moderate Unreviewed
CVE-2018-5401 was published May 13, 2022
A Cleartext Transmission of Sensitive Information issue was discovered in Belden Hirschmann RS,... Moderate Unreviewed
CVE-2018-5471 was published May 13, 2022
translate/translate_manager.cc in Google Chrome before 17.0.963.56 and 19.x before 19.0.1036.7... Moderate Unreviewed
CVE-2011-3022 was published May 13, 2022
The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local... Moderate Unreviewed
CVE-2019-5489 was published May 13, 2022
IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 Standard Edition could allow highly sensitive... Moderate Unreviewed
CVE-2019-4063 was published May 13, 2022
Insecure transport protocol in Gradle Moderate
CVE-2019-11065 was published for org.gradle:gradle-core (Maven) May 13, 2022
The QBee MultiSensor Camera through 4.16.4 accepts unencrypted network traffic from clients (such... Moderate Unreviewed
CVE-2018-16225 was published May 13, 2022
IBM i2 Enterprise Insight Analysis 2.1.7 could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2018-1525 was published May 13, 2022
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow a remote attacker to obtain... Moderate Unreviewed
CVE-2018-1454 was published May 13, 2022
Cleartext Transmission of Sensitive Information in Apache CXF Moderate
CVE-2014-0035 was published for org.apache.cxf:cxf-core (Maven) May 13, 2022
sunSUNQ
The Help feature in the ES File Explorer File Manager application 4.1.9.7.4 for Android allows... Moderate Unreviewed
CVE-2019-8345 was published May 13, 2022
In Claws Mail 3.14.1, an attacker in possession of S/MIME or PGP encrypted emails can wrap them... Moderate Unreviewed
CVE-2019-10735 was published May 13, 2022
The UCWeb UC Browser application through 2019-03-26 for Android uses HTTP to download certain... Moderate Unreviewed
CVE-2019-10251 was published May 13, 2022
In KDE Trojita 0.7, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as... Moderate Unreviewed
CVE-2019-10734 was published May 13, 2022
UCWeb UC Browser 7.0.185.1002 on Windows uses HTTP for downloading certain PDF modules, which... Moderate Unreviewed
CVE-2019-10250 was published May 13, 2022
The Conexus telemetry protocol utilized within Medtronic MyCareLink Monitor versions 24950 and... Moderate Unreviewed
CVE-2019-6540 was published May 13, 2022
In KDE KMail 5.2.3, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as... Moderate Unreviewed
CVE-2019-10732 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database