GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
263 advisories
Online upgrade information in some firmware packages of Dahua products is not encrypted....
Moderate | Unreviewed | CVE-2019-9681 was published May 24, 2022

IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, and 10.4.1 does not set the secure attribute on...
Moderate | Unreviewed | CVE-2019-4171 was published May 24, 2022

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). An...
Moderate | Unreviewed | CVE-2019-13922 was published May 24, 2022

In situations where an attacker receives automated notification of the success or failure of a...
Moderate | Unreviewed | CVE-2019-1563 was published May 24, 2022

Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel...
Moderate | Unreviewed | CVE-2019-1547 was published May 24, 2022

Search Guard versions before 23.1 had an issue that for aggregations clear text values of...
High | Unreviewed | CVE-2019-13419 was published May 24, 2022

MailEnable Enterprise Premium 10.23 was vulnerable to XML External Entity Injection (XXE) attacks...
Critical | Unreviewed | CVE-2019-12924 was published May 24, 2022

JetBrains IntelliJ IDEA projects created using the Kotlin (JS Client/JVM Server) IDE Template...
High | Unreviewed | CVE-2019-10103 was published May 24, 2022

A vulnerability reported in Lenovo Service Bridge before version 4.1.0.1 could allow unencrypted...
High | Unreviewed | CVE-2019-6169 was published May 24, 2022

Diagnostics Agent in Solution Manager, version 7.2, stores several credentials such as SLD user...
Low | Unreviewed | CVE-2019-0307 was published May 24, 2022

An issue was discovered on Moxa AWK-3121 1.14 devices. The device enables an unencrypted TELNET...
Critical | Unreviewed | CVE-2018-10698 was published May 24, 2022

An issue was discovered on Moxa AWK-3121 1.14 devices. The device provides a Wi-Fi connection...
High | Unreviewed | CVE-2018-10694 was published May 24, 2022

An issue was discovered on Moxa AWK-3121 1.14 devices. The device by default allows HTTP traffic...
High | Unreviewed | CVE-2018-10690 was published May 24, 2022

An issue was discovered in AUO Solar Data Recorder before 1.3.0. The web portal uses HTTP Basic...
Critical | Unreviewed | CVE-2019-11367 was published May 24, 2022

During HE deployment via cockpit-ovirt, cockpit-ovirt generates an ansible variable file `/var...
High | Unreviewed | CVE-2019-10139 was published May 24, 2022

The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 allows for plaintext...
Critical | Unreviewed | CVE-2018-13992 was published May 24, 2022

In Kofax Front Office Server Administration Console 4.1.1.11.0.5212, some fields, such as...
Moderate | Unreviewed | CVE-2018-17287 was published May 24, 2022

A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 ...
Moderate | Unreviewed | CVE-2022-24045 was published May 21, 2022

WellinTech KingSCADA 3.0 uses a cleartext base64 format for storage of passwords in user.db,...
High | Unreviewed | CVE-2012-1977 was published May 17, 2022

In Schneider Electric Pelco Sarix Professional 1st generation cameras with firmware versions...
High | Unreviewed | CVE-2018-7781 was published May 13, 2022

The VMware Content Locker for iOS prior to 4.14 contains a data protection vulnerability in the...
Moderate | Unreviewed | CVE-2018-6976 was published May 13, 2022

The AirWatch Agent for iOS prior to 5.8.1 contains a data protection vulnerability whereby the...
Moderate | Unreviewed | CVE-2018-6975 was published May 13, 2022

Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan...
Low | Unreviewed | CVE-2018-6674 was published May 13, 2022

NetApp SnapCenter Server prior to 4.1 does not set the secure flag for a sensitive cookie in an...
Moderate | Unreviewed | CVE-2018-5482 was published May 13, 2022

OnCommand Unified Manager for 7-Mode (core package) prior to 5.2.4 uses cookies that lack the...
High | Unreviewed | CVE-2018-5481 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.