Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,411
Erlang
33
GitHub Actions
22
Go
2,147
Maven
5,000+
npm
3,808
NuGet
687
pip
3,482
Pub
12
RubyGems
897
Rust
899
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

479 advisories

Loading
An issue was discovered in Grafana 5.4.0. Passwords for data sources used by Grafana (e.g., MySQL... Moderate Unreviewed
CVE-2019-15635 was published May 24, 2022
The handshake protocol in Object Management Group (OMG) DDS Security 1.1 sends cleartext... High Unreviewed
CVE-2019-15135 was published May 24, 2022
In Enigmail below 2.1, an attacker in possession of PGP encrypted emails can wrap them as sub... Moderate Unreviewed
CVE-2019-14664 was published May 24, 2022
One Identity Cloud Access Manager 8.1.3 does not use HTTP Strict Transport Security (HSTS), which... High Unreviewed
CVE-2019-13498 was published May 24, 2022
A vulnerability was found in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner. Actions... Moderate Unreviewed
CVE-2019-12820 was published May 24, 2022
JetBrains Kotlin versions before 1.3.30 were resolving artifacts using an http connection during... Moderate Unreviewed
CVE-2019-10101 was published May 24, 2022
JetBrains Ktor framework (created using the Kotlin IDE template) versions before 1.1.0 were... High Unreviewed
CVE-2019-10102 was published May 24, 2022
On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and... Moderate Unreviewed
CVE-2019-6640 was published May 24, 2022
A vulnerability has been identified in SIMATIC Ident MV420 family (All versions), SIMATIC Ident... Moderate Unreviewed
CVE-2019-10926 was published May 24, 2022
IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 is missing the HTTP Strict... High Unreviewed
CVE-2019-4162 was published May 24, 2022
Oncommand Insight versions prior to 7.3.5 shipped without certain HTTP Security headers... High Unreviewed
CVE-2019-5496 was published May 24, 2022
OnCommand Unified Manager 7-Mode prior to version 5.2.4 shipped without certain HTTP Security... High Unreviewed
CVE-2019-5494 was published May 24, 2022
On BIG-IP 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, SNMP may expose... Moderate Unreviewed
CVE-2019-6613 was published May 24, 2022
Cloud Foundry cf-deployment, versions prior to 7.9.0, contain java components that are using an... Critical Unreviewed
CVE-2019-3801 was published May 24, 2022
A cleartext transmission of sensitive information vulnerability in Fortinet FortiManager 5.2.0... High Unreviewed
CVE-2018-1360 was published May 24, 2022
Pivotal Apps Manager Release, versions 665.0.x prior to 665.0.28, versions 666.0.x prior to 666.0... Critical Unreviewed
CVE-2019-3793 was published May 24, 2022
A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P850 (All... High Unreviewed
CVE-2022-29874 was published May 21, 2022
The affected ThroughTek P2P products (SDKs using versions before 3.1.5, any versions with nossl... High Unreviewed
CVE-2021-32934 was published May 20, 2022
Cleartext transmission of sensitive information. The following products are affected: Acronis... High Unreviewed
CVE-2022-30994 was published May 19, 2022
Cleartext transmission of sensitive information. The following products are affected: Acronis... High Unreviewed
CVE-2022-30993 was published May 19, 2022
There is a SRTP icon display vulnerability in Huawei eSpace product. An unauthenticated, remote... High Unreviewed
CVE-2018-7960 was published May 13, 2022
In /usr/local/etc/config/addons/mh/loopupd.sh on eQ-3 AG HomeMatic CCU2 2.29.22 devices, software... High Unreviewed
CVE-2018-7298 was published May 13, 2022
A cleartext transmission of sensitive information vulnerability exists in Schneider Electric's... Critical Unreviewed
CVE-2018-7246 was published May 13, 2022
The FSX / P3Dv4 installer 2.0.1.231 for Flight Sim Labs A320-X sends a user's Google account... Critical Unreviewed
CVE-2018-7259 was published May 13, 2022
Unencrypted way of remote control and communications in Hanwha Techwin Smartcams Critical Unreviewed
CVE-2018-6295 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database