GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,904
Composer 4,871
Erlang 37
GitHub Actions 36
Go 2,504
Maven 5,949
npm 4,149
NuGet 735
pip 3,949
Pub 12
RubyGems 945
Rust 1,025
Swift 39

Unreviewed advisories

All unreviewed 269,810

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

263 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute vulnerability in (GTA) GoToAppliance... Moderate Unreviewed

CVE-2020-29024 was published May 24, 2022

Sensitive information disclosure and weak encryption in Pyrescom Termod4 time management devices... High Unreviewed

CVE-2020-23162 was published May 24, 2022

Skyworth GN542VF Boa version 0.94.13 does not set the Secure flag for the session cookie in an... High Unreviewed

CVE-2020-26732 was published May 24, 2022

IBM Security Guardium Insights 2.0.2 does not set the secure attribute on authorization tokens or... Moderate Unreviewed

CVE-2020-4597 was published May 24, 2022

The encryption function of NHIServiSignAdapter fail to verify the file path input by users.... High Unreviewed

CVE-2020-25842 was published May 24, 2022

SpamTitan before 7.09 allows attackers to tamper with backups, because backups are not encrypted. Moderate Unreviewed

CVE-2020-35658 was published May 24, 2022

** DISPUTED ** In Solstice Pod before 3.0.3, the firmware can easily be decompiled/disassembled.... High Unreviewed

CVE-2020-35587 was published May 24, 2022

TLS-RSA cipher suites are not disabled in HCL BigFix Inventory up to v10.0.2. If TLS 2.0 and... High Unreviewed

CVE-2020-14254 was published May 24, 2022

In isSubmittable and showWarningMessagesIfAppropriate of WifiConfigController.java and... High Unreviewed

CVE-2020-27055 was published May 24, 2022

A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Easergy T300 (firmware 2... High Unreviewed

CVE-2020-28217 was published May 24, 2022

A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Easergy T300 (firmware 2... High Unreviewed

CVE-2020-28216 was published May 24, 2022

SAP AS JAVA (Key Storage Service), versions - 7.10, 7.11, 7.20 ,7.30, 7.31, 7.40, 7.50, has the... Moderate Unreviewed

CVE-2020-26816 was published May 24, 2022

A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Modicon M221 (all... Moderate Unreviewed

CVE-2020-7567 was published May 24, 2022

A cryptographic issue in Nextcloud Server 19.0.1 allowed an attacker to downgrade the encryption... Moderate Unreviewed

CVE-2020-8150 was published May 24, 2022

A too small set of random characters being used for encryption in Nextcloud Server 18.0.4 allowed... Low Unreviewed

CVE-2020-8173 was published May 24, 2022

An issue existed with Siri Suggestions access to encrypted data. The issue was fixed by limiting... High Unreviewed

CVE-2020-9774 was published May 24, 2022

Synology Router Manager (SRM) before 1.2.4-8081 does not set the Secure flag for the session... High Unreviewed

CVE-2020-27651 was published May 24, 2022

Synology DiskStation Manager (DSM) before 6.2.3-25426-2 does not set the Secure flag for the... Moderate Unreviewed

CVE-2020-27650 was published May 24, 2022

On Juniper Networks SRX Series and NFX Series, a local authenticated user with access to the... Moderate Unreviewed

CVE-2020-1688 was published May 24, 2022

An issue was discovered in Gradle Enterprise 2018.2 and Gradle Enterprise Build Cache Node 4.1.... High Unreviewed

CVE-2020-15771 was published May 24, 2022

An issue was discovered in Gradle Enterprise before 2020.2.5. Lack of the secure attribute on the... Moderate Unreviewed

CVE-2020-15767 was published May 24, 2022

If Thunderbird is configured to use STARTTLS for an IMAP server, and the server sends a PREAUTH... Moderate Unreviewed

CVE-2020-12398 was published May 24, 2022

SolarWinds Serv-U File Server before 15.2.1 mishandles the Same-Site cookie attribute, aka Case... Moderate Unreviewed

CVE-2020-15574 was published May 24, 2022

Nordic Semiconductor Android BLE Library through 2.2.1 and DFU Library through 1.10.4 for Android... Moderate Unreviewed

CVE-2020-15509 was published May 24, 2022

In Argent RecoveryManager before 0xdc350d09f71c48c5D22fBE2741e4d6A03970E192, the executeRecovery... Moderate Unreviewed

CVE-2020-15302 was published May 24, 2022

Previous 1…6…11 Next

Previous 1 2 3 4 5 6 7 8 9 10 11 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

263 advisories