GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,835
Composer 4,870
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,926
npm 4,126
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,021
Swift 39

Unreviewed advisories

All unreviewed 269,174

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

631 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Cleartext Transmission of Sensitive Information in /northstar/Admin/login.jsp in Northstar... High Unreviewed

CVE-2021-29397 was published Feb 9, 2022

Fresenius Kabi Agilia Link + version 3.0 does not enforce transport layer encryption. Therefore,... High Unreviewed

CVE-2021-41835 was published Jan 22, 2022

Netgear Nighthawk R6700 version 1.0.4.120 does not utilize secure communication methods to the... High Unreviewed

CVE-2021-20175 was published Dec 31, 2021

Netgear RAX43 version 1.0.3.96 does not utilize secure communications to the web interface. By... High Unreviewed

CVE-2021-20169 was published Dec 31, 2021

Netgear Nighthawk R6700 version 1.0.4.120 does not utilize secure communication methods to the... High Unreviewed

CVE-2021-20174 was published Dec 31, 2021

Trendnet AC2600 TEW-827DRU version 2.08B01 contains an security flaw in the web interface. HTTPS... High Unreviewed

CVE-2021-20154 was published Dec 31, 2021

The affected products contain vulnerable firmware, which could allow an attacker to sniff the... High Unreviewed

CVE-2021-4161 was published Dec 28, 2021

An issue was discovered in Arm Mbed TLS before 2.23.0. A remote attacker can recover plaintext... High Unreviewed

CVE-2020-36423 was published May 24, 2022

Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such... Moderate Unreviewed

CVE-2021-39272 was published May 24, 2022

Hitachi Vantara Pentaho Business Analytics Server versions before 9.3.0.0, 9.2.0.2 and 8.3.0.25... High Unreviewed

CVE-2021-45447 was published Nov 2, 2022

Potentially compromised builds High

CVE-2019-10249 was published for org.eclipse.xtend:org.eclipse.xtend.core (Maven) May 24, 2022

IBM Sterling File Gateway 2.2.0.0 through 6.0.1.0 displays sensitive information in HTTP requests... Moderate Unreviewed

CVE-2019-4280 was published May 24, 2022

In Core Utilities, there is a possible log information disclosure. This could lead to local... Moderate Unreviewed

CVE-2022-20243 was published Aug 12, 2022

In /usr/local/etc/config/addons/mh/loopupd.sh on eQ-3 AG HomeMatic CCU2 2.29.22 devices, software... High Unreviewed

CVE-2018-7298 was published May 13, 2022

There is a SRTP icon display vulnerability in Huawei eSpace product. An unauthenticated, remote... High Unreviewed

CVE-2018-7960 was published May 13, 2022

Unencrypted transmission of images in Tinder iOS app and Tinder Android app allows an attacker to... Critical Unreviewed

CVE-2018-6017 was published May 13, 2022

Samsung Display Solutions App before 3.02 for Android allows man-in-the-middle attackers to spoof... Moderate Unreviewed

CVE-2018-6019 was published May 13, 2022

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10... High Unreviewed

CVE-2018-4227 was published May 13, 2022

A cleartext transmission of sensitive information vulnerability exists in Schneider Electric's... Critical Unreviewed

CVE-2018-7246 was published May 13, 2022

The FSX / P3Dv4 installer 2.0.1.231 for Flight Sim Labs A320-X sends a user's Google account... Critical Unreviewed

CVE-2018-7259 was published May 13, 2022

Unencrypted way of remote control and communications in Hanwha Techwin Smartcams Critical Unreviewed

CVE-2018-6295 was published May 13, 2022

Fixed sizes of HTTPS responses in Tinder iOS app and Tinder Android app allow an attacker to... Critical Unreviewed

CVE-2018-6018 was published May 13, 2022

The Sky Go Desktop application 1.0.19-1 through 1.0.23-1 for Windows performs several requests... Moderate Unreviewed

CVE-2018-18908 was published May 13, 2022

An issue was discovered in the Daimler Mercedes-Benz Me app 2.11.0-846 for iOS. The encrypted... High Unreviewed

CVE-2018-18071 was published May 13, 2022

The Google Cardboard application 1.8 for Android and 1.2 for iOS sends potentially private... Moderate Unreviewed

CVE-2018-19111 was published May 13, 2022

Previous 1…16…26 Next

Previous 1 2 … 14 15 16 17 18 … 25 26 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

631 advisories