Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

320 advisories

Loading
Cleartext transmission of sensitive information vulnerability in synorelayd in Synology... Moderate Unreviewed
CVE-2021-26564 was published May 24, 2022
Cleartext transmission of sensitive information vulnerability in synoagentregisterd in Synology... Moderate Unreviewed
CVE-2021-26560 was published May 24, 2022
Cleartext transmission of sensitive information vulnerability in synorelayd in Synology... Moderate Unreviewed
CVE-2021-26565 was published May 24, 2022
An internal product security audit of LXCO, prior to version 1.2.2, discovered that optional... Moderate Unreviewed
CVE-2020-8356 was published May 24, 2022
An internal product security audit of LXCO, prior to version 1.2.2, discovered that credentials... Moderate Unreviewed
CVE-2021-3417 was published May 24, 2022
Cleartext Transmission of Sensitive Information between McAfee Endpoint Security (ENS) for... Moderate Unreviewed
CVE-2020-7308 was published May 24, 2022
Cleartext Transmission of Sensitive Information vulnerability in the ePO Extension of McAfee... Moderate Unreviewed
CVE-2021-23884 was published May 24, 2022
A smart proxy that provides a restful API to various sub-systems of the Foreman is affected by... Moderate Unreviewed
CVE-2021-3494 was published May 24, 2022
Agenzia delle Entrate Desktop Telematico 1.0.0 contacts the jws.agenziaentrate.it server over... Moderate Unreviewed
CVE-2021-3003 was published May 24, 2022
SITEL CAP/PRX firmware version 5.2.01 allows an attacker with access to the local network of the... Moderate Unreviewed
CVE-2021-32456 was published May 24, 2022
An issue was discovered in Couchbase Server 6.x through 6.6.1. The Couchbase Server UI is... Moderate Unreviewed
CVE-2021-27924 was published May 24, 2022
An issue was discovered in Couchbase Server 6.5.x and 6.6.x through 6.6.1. When using the View... Moderate Unreviewed
CVE-2021-27925 was published May 24, 2022
An issue was discovered in Couchbase Server 5.x and 6.x before 6.5.2 and 6.6.x before 6.6.2.... Moderate Unreviewed
CVE-2021-25643 was published May 24, 2022
Local File Inclusion vulnerability in Ab Initio Control>Center before 4.0.2.6 allows remote... Moderate Unreviewed
CVE-2021-33408 was published May 24, 2022
KDE Messagelib through 5.17.0 reveals cleartext of encrypted messages in some situations.... Moderate Unreviewed
CVE-2021-31855 was published May 24, 2022
Cleartext Transmission of Sensitive Information vulnerability in the administrator interface of... Moderate Unreviewed
CVE-2021-23896 was published May 24, 2022
There is an Information Disclosure vulnerability in Huawei Smartphone. Successful exploitation of... Moderate Unreviewed
CVE-2021-22325 was published May 24, 2022
When using http protocol, the user password is transmitted as a clear text parameter for which it... Moderate Unreviewed
CVE-2021-23846 was published May 24, 2022
iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A man in the middle can... Moderate Unreviewed
CVE-2021-34687 was published May 24, 2022
MagicMotion Flamingo 2 lacks BLE encryption, enabling data sniffing and packet forgery. Moderate Unreviewed
CVE-2020-12730 was published May 24, 2022
IBM QRadar SIEM 7.3 and 7.4 uses less secure methods for protecting data in transit between hosts... Moderate Unreviewed
CVE-2020-4980 was published May 24, 2022
IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) does not set the... Moderate Unreviewed
CVE-2021-29769 was published May 24, 2022
When curl is instructed to get content using the metalink feature, and a user name and password... Moderate Unreviewed
CVE-2021-22923 was published May 24, 2022
Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such... Moderate Unreviewed
CVE-2021-39272 was published May 24, 2022
The Credova_Financial WordPress plugin discloses a site's associated Credova API account username... Moderate Unreviewed
CVE-2021-39342 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database