GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
45 advisories
In all released versions of Eclipse Equinox, at least until version 4.21 (September 2021),...
CVE-2021-41033 (High, Unreviewed) was published May 24, 2022

When an authenticated password change request takes place, this vulnerability could allow the...
CVE-2021-32926 (High, Unreviewed) was published May 24, 2022

A vulnerability found in EdgeMAX EdgeRouter V2.0.9 and earlier could allow a malicious actor to...
CVE-2021-22909 (High, Unreviewed) was published May 24, 2022

curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to...
CVE-2021-22890 (Moderate, Unreviewed) was published May 24, 2022

containernetworking/plugins vulnerable to MitM attacks
CVE-2020-10749 (Moderate) was published for github.com/containernetworking/plugins (Go) May 24, 2022

Missing SSH host key validation in Jenkins Amazon EC2 Plugin
CVE-2020-2185 (Moderate) was published for org.jenkins-ci.plugins:ec2 (Maven) May 24, 2022

MikroTik Winbox 3.20 and below is vulnerable to man in the middle attacks. A man in the middle...
CVE-2019-3981 (Moderate, Unreviewed) was published May 24, 2022

A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a...
CVE-2019-14899 (High, Unreviewed) was published May 24, 2022

Jenkins Google Compute Engine Plugin does not verify SSH host keys when connecting agents created by the plugin
CVE-2019-16546 (Moderate) was published for org.jenkins-ci.plugins:google-compute-engine (Maven) May 24, 2022

Pivotal Apps Manager Release, versions 665.0.x prior to 665.0.28, versions 666.0.x prior to 666.0...
CVE-2019-3793 (Critical, Unreviewed) was published May 24, 2022

It was discovered that the fix for CVE-2017-12150 was not properly shipped in erratum RHSA-2017...
CVE-2017-15085 (Moderate, Unreviewed) was published May 13, 2022

It was discovered that the fix for CVE-2017-12151 was not properly shipped in erratum RHSA-2017...
CVE-2017-15086 (High, Unreviewed) was published May 13, 2022

A Man-in-the-Middle issue was discovered in Hyundai Motor America Blue Link 3.9.5 and 3.9.4....
CVE-2017-6052 (Moderate, Unreviewed) was published May 13, 2022

A vulnerability was discovered in Siemens SIMATIC WinCC Sm@rtClient for Android (All versions...
CVE-2017-6870 (High, Unreviewed) was published May 13, 2022

A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that...
CVE-2017-9941 (High, Unreviewed) was published May 13, 2022

rkhunter versions before 1.4.4 are vulnerable to file download over insecure channel when doing...
CVE-2017-7480 (Critical, Unreviewed) was published May 13, 2022

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3)....
CVE-2017-12735 (High, Unreviewed) was published May 13, 2022

Insecure Defaults Leads to Potential MITM in ezseed-transmission
CVE-2016-1000224 (Moderate) was published for ezseed-transmission (npm) Sep 1, 2020

Machine-In-The-Middle in https-proxy-agent
GHSA-pc5p-h8pf-mvwp (Moderate) was published for https-proxy-agent (npm) Apr 16, 2020

Insecure Defaults Allow MITM Over TLS in engine.io-client
CVE-2016-10536 (Moderate) was published for engine.io-client (npm) Feb 18, 2019