GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
633 advisories
A cleartext transmission of sensitive information vulnerability exists in the OAS Engine...
High
Unreviewed
CVE-2022-26077
was published
May 26, 2022
Philips Interoperability Solution XDS versions 2.5 through 3.11 and 2018-1 through 2021-1 are...
High
Unreviewed
CVE-2021-32966
was published
May 26, 2022
This advisory documents the impact of an internally found vulnerability in Arista EOS state...
Moderate
Unreviewed
CVE-2021-28508
was published
May 27, 2022
This advisory documents the impact of an internally found vulnerability in Arista EOS state...
Moderate
Unreviewed
CVE-2021-28509
was published
May 27, 2022
Delta Controls enteliTOUCH 3.40.3935, 3.40.3706, and 3.33.4005 was discovered to transmit and...
Moderate
Unreviewed
CVE-2022-29733
was published
Jun 3, 2022
Using its HSTS support, curl can be instructed to use HTTPS directly instead of using an insecure...
Moderate
Unreviewed
CVE-2022-30115
was published
Jun 3, 2022
An issue was discovered in the IGEL Universal Management Suite (UMS) 6.07.100. The transmission...
Moderate
Unreviewed
CVE-2022-25805
was published
Jun 10, 2022
Information Disclosure via Export Module
Moderate
CVE-2022-31046
was published
for
typo3/cms
(Composer)
Jun 17, 2022
LRM version 2.4 and lower does not implement TLS encryption. A malicious actor can MITM attack...
Moderate
Unreviewed
CVE-2022-1524
was published
Jun 25, 2022
Code injection in concrete CMS
High
CVE-2022-21829
was published
for
concrete5/core
(Composer)
Jun 25, 2022
Cleartext transmission of sensitive information vulnerability exists in STARDOM FCN Controller...
High
Unreviewed
CVE-2022-29519
was published
Jun 29, 2022
A vulnerability classified as problematic was found in Teleopti WFM up to 7.1.0. Affected by this...
Moderate
Unreviewed
CVE-2017-20109
was published
Jun 30, 2022
Cleartext Storage of Sensitive Information in Jenkins Build Notifications Plugin
Low
CVE-2022-34801
was published
for
tools.devnull:build-notifications
(Maven)
Jul 1, 2022
Jenkins OpsGenie Plugin vulnerable to Cleartext Transmission of Sensitive Information
Moderate
CVE-2022-34804
was published
for
org.jenkins-ci.plugins:opsgenie
(Maven)
Jul 1, 2022
The server in Citilog 8.0 allows an attacker (in a man in the middle position between the server...
Moderate
Unreviewed
CVE-2022-28861
was published
Jul 22, 2022
Omron CS series, CJ series, and CP series PLCs through 2022-05-18 use cleartext passwords. They...
High
Unreviewed
CVE-2022-31204
was published
Jul 27, 2022
Cleartext transmission of sensitive information vulnerability in authentication management in...
Moderate
Unreviewed
CVE-2022-27619
was published
Aug 4, 2022
Exposure of Sensitive Information in Samsung Dialer application prior to SMR Aug-2022 Release 1...
Low
Unreviewed
CVE-2022-33724
was published
Aug 6, 2022
Windows Defender Credential Guard Information Disclosure Vulnerability. This CVE ID is unique...
Moderate
Unreviewed
CVE-2022-34704
was published
Aug 10, 2022
SAP BusinessObjects Business Intelligence Platform (Open Document) - versions 430, 430, allows an...
High
Unreviewed
CVE-2022-32245
was published
Aug 11, 2022
In Core Utilities, there is a possible log information disclosure. This could lead to local...
Moderate
Unreviewed
CVE-2022-20243
was published
Aug 12, 2022
Softing Secure Integration Server V1.22 is vulnerable to authentication bypass via a machine-in...
Moderate
Unreviewed
CVE-2022-2338
was published
Aug 18, 2022
A flaw was found in Foreman project. A credential leak was identified which will expose Azure...
High
Unreviewed
CVE-2021-3590
was published
Aug 23, 2022
This issue was addressed by using HTTPS when sending information over the network. This issue is...
Moderate
Unreviewed
CVE-2022-32857
was published
Aug 25, 2022
In FiberHome VDSL2 Modem HG150-Ub_V3.0, Credentials of Admin are submitted in URL, which can be...
High
Unreviewed
CVE-2022-36200
was published
Aug 29, 2022
ProTip! Advisories are also available from the GraphQL API.