GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,931
Composer 4,871
Erlang 37
GitHub Actions 36
Go 2,517
Maven 5,956
npm 4,150
NuGet 736
pip 3,952
Pub 12
RubyGems 946
Rust 1,026
Swift 39

Unreviewed advisories

All unreviewed 269,904

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

633 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

In all versions of GitLab CE/EE, provided a user ID, anonymous users can use a few endpoints to... Moderate Unreviewed

CVE-2021-39882 was published May 24, 2022

A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking... High Unreviewed

CVE-2021-22946 was published May 24, 2022

The Credova_Financial WordPress plugin discloses a site's associated Credova API account username... Moderate Unreviewed

CVE-2021-39342 was published May 24, 2022

The update process of the Circle Parental Control Service on various NETGEAR routers allows... High Unreviewed

CVE-2021-40847 was published May 24, 2022

Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such... Moderate Unreviewed

CVE-2021-39272 was published May 24, 2022

A Cleartext Transmission of Sensitive Information vulnerability in B. Braun SpaceCom2 prior to... High Unreviewed

CVE-2021-33883 was published May 24, 2022

When curl is instructed to get content using the metalink feature, and a user name and password... Moderate Unreviewed

CVE-2021-22923 was published May 24, 2022

IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) does not set the... Moderate Unreviewed

CVE-2021-29769 was published May 24, 2022

An issue was discovered in Arm Mbed TLS before 2.23.0. A remote attacker can recover plaintext... High Unreviewed

CVE-2020-36423 was published May 24, 2022

IBM QRadar SIEM 7.3 and 7.4 uses less secure methods for protecting data in transit between hosts... Moderate Unreviewed

CVE-2020-4980 was published May 24, 2022

MagicMotion Flamingo 2 lacks BLE encryption, enabling data sniffing and packet forgery. Moderate Unreviewed

CVE-2020-12730 was published May 24, 2022

iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A man in the middle can... Moderate Unreviewed

CVE-2021-34687 was published May 24, 2022

There is a Cleartext Transmission of Sensitive Information Vulnerability in Huawei Smartphone.... Critical Unreviewed

CVE-2021-22380 was published May 24, 2022

When using http protocol, the user password is transmitted as a clear text parameter for which it... Moderate Unreviewed

CVE-2021-23846 was published May 24, 2022

The VeryFitPro (com.veryfit2hr.second) application 3.2.8 for Android does all communication with... High Unreviewed

CVE-2021-32612 was published May 24, 2022

There is an Information Disclosure vulnerability in Huawei Smartphone. Successful exploitation of... Moderate Unreviewed

CVE-2021-22325 was published May 24, 2022

Cleartext Transmission of Sensitive Information vulnerability in the administrator interface of... Moderate Unreviewed

CVE-2021-23896 was published May 24, 2022

KDE Messagelib through 5.17.0 reveals cleartext of encrypted messages in some situations.... Moderate Unreviewed

CVE-2021-31855 was published May 24, 2022

Intra-cluster communication does not use TLS. The services within the NGINX Controller 3.x before... High Unreviewed

CVE-2021-23018 was published May 24, 2022

Local File Inclusion vulnerability in Ab Initio Control>Center before 4.0.2.6 allows remote... Moderate Unreviewed

CVE-2021-33408 was published May 24, 2022

An issue was discovered in Couchbase Server 5.x and 6.x before 6.5.2 and 6.6.x before 6.6.2.... Moderate Unreviewed

CVE-2021-25643 was published May 24, 2022

An issue was discovered in Couchbase Server 6.5.x and 6.6.x through 6.6.1. When using the View... Moderate Unreviewed

CVE-2021-27925 was published May 24, 2022

An issue was discovered in Couchbase Server 6.x through 6.6.1. The Couchbase Server UI is... Moderate Unreviewed

CVE-2021-27924 was published May 24, 2022

SITEL CAP/PRX firmware version 5.2.01 allows an attacker with access to the local network of the... Moderate Unreviewed

CVE-2021-32456 was published May 24, 2022

Cleartext transmission of sensitive information via Moxa Service in NPort IA5000A series serial... High Unreviewed

CVE-2020-27185 was published May 24, 2022

Previous 1…15…26 Next

Previous 1 2 … 13 14 15 16 17 … 25 26 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

633 advisories