Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

263 advisories

Loading
An issue was discovered in Flexense DiskBoss 8.8.16 and earlier. Due to the usage of plaintext... High Unreviewed
CVE-2018-5261 was published May 13, 2022
Plaintext of decrypted emails can leak through the src attribute of remote images, or links. This... High Unreviewed
CVE-2018-5162 was published May 13, 2022
Plaintext of decrypted emails can leak through by user submitting an embedded form. This... Moderate Unreviewed
CVE-2018-5185 was published May 13, 2022
A vulnerability has been identified in SIMATIC WinCC OA Operator iOS App (All versions < V1.4).... Moderate Unreviewed
CVE-2018-4847 was published May 13, 2022
An issue was discovered on August Connect devices. Insecure data transfer between the August app... Critical Unreviewed
CVE-2018-20100 was published May 13, 2022
A Malformed Input String to /cgi-bin/api-get_line_status on Grandstream GXP16xx VoIP 1.0.4.128... Moderate Unreviewed
CVE-2018-17563 was published May 13, 2022
Thomson Reuters UltraTax CS 2017 on Windows has a password protection option; however, the level... High Unreviewed
CVE-2018-14608 was published May 13, 2022
Thomson Reuters UltraTax CS 2017 on Windows, in a client/server configuration, transfers customer... High Unreviewed
CVE-2018-14607 was published May 13, 2022
** DISPUTED ** An issue was discovered in SMA Solar Technology products. By sniffing for specific... Critical Unreviewed
CVE-2017-9854 was published May 13, 2022
KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in KDE Applications before 17... High Unreviewed
CVE-2017-9604 was published May 13, 2022
The Google I/O 2017 application before 5.1.4 for Android downloads multiple .json files from http... Moderate Unreviewed
CVE-2017-9045 was published May 13, 2022
Wireless IP Camera (P2P) WIFICAM devices rely on a cleartext UDP tunnel protocol (aka the Cloud... High Unreviewed
CVE-2017-8221 was published May 13, 2022
FusionSphere OpenStack with software V100R006C00SPC102(NFV) and V100R006C10 have an information... Moderate Unreviewed
CVE-2017-8168 was published May 13, 2022
In PostgreSQL 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6... Moderate Unreviewed
CVE-2017-7485 was published May 13, 2022
The auto-update feature of Open Embedded Linux Entertainment Center (OpenELEC) 6.0.3, 7.0.1, and... High Unreviewed
CVE-2017-6445 was published May 13, 2022
The L2TP Client in MikroTik RouterOS versions 6.83.3 and 6.37.4 does not enable IPsec encryption... Moderate Unreviewed
CVE-2017-6297 was published May 13, 2022
Octopus before 3.17.7 allows attackers to obtain sensitive cleartext information by reading a... High Unreviewed
CVE-2017-15609 was published May 13, 2022
In the "Diary with lock" (aka WriteDiary) application 4.72 for Android, neither HTTPS nor other... High Unreviewed
CVE-2017-15581 was published May 13, 2022
Inappropriate implementation in ChromeVox in Google Chrome OS prior to 62.0.3202.74 allowed a... High Unreviewed
CVE-2017-15397 was published May 13, 2022
** DISPUTED ** HikVision Wi-Fi IP cameras, when used in a wired configuration, allow physically... Moderate Unreviewed
CVE-2017-14953 was published May 13, 2022
** DISPUTED ** Facebook WhatsApp Messenger before 2.16.323 for Android uses the SD card for... Moderate Unreviewed
CVE-2017-8769 was published May 13, 2022
Boston Scientific ZOOM LATITUDE PRM Model 3120 does not encrypt PHI at rest. CVSS v3 base score:... Moderate Unreviewed
CVE-2017-14012 was published May 13, 2022
Acronis True Image up to and including version 2017 Build 8053 performs software updates using... High Unreviewed
CVE-2017-3219 was published May 13, 2022
In version 1012 and prior of Insteon's Insteon Hub, the radio transmissions used for... High Unreviewed
CVE-2017-5251 was published May 13, 2022
A Missing Encryption of Sensitive Data issue was discovered in PDQ Manufacturing LaserWash G5 and... Critical Unreviewed
CVE-2017-9632 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database