Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,790
Erlang
36
GitHub Actions
29
Go
2,370
Maven
5,000+
npm
3,994
NuGet
720
pip
3,783
Pub
12
RubyGems
927
Rust
982
Swift
38
Unreviewed advisories
All unreviewed
5,000+

172 advisories

Loading
The data flowing between the PCU and its modules is insecure. A threat actor with physical access... Moderate Unreviewed
CVE-2023-30561 was published Jul 13, 2023
An issue was discovered in TigerGraph Enterprise Free Edition 3.x. There is unsecured read access... Moderate Unreviewed
CVE-2023-22948 was published Apr 13, 2023
Nordic Semiconductor Android BLE Library through 2.2.1 and DFU Library through 1.10.4 for Android... Moderate Unreviewed
CVE-2020-15509 was published May 24, 2022
The ADB (formerly Pirelli Broadband Solutions) P.DGA4001N router with firmware PDG_TEF_SP_4.06L.6... Moderate Unreviewed
CVE-2015-0558 was published May 24, 2022
JetBrains Toolbox before 1.15.5605 was resolving an internal URL via a cleartext http connection. Moderate Unreviewed
CVE-2019-14959 was published May 24, 2022
Online upgrade information in some firmware packages of Dahua products is not encrypted.... Moderate Unreviewed
CVE-2019-9681 was published May 24, 2022
In situations where an attacker receives automated notification of the success or failure of a... Moderate Unreviewed
CVE-2019-1563 was published May 24, 2022
In Kofax Front Office Server Administration Console 4.1.1.11.0.5212, some fields, such as... Moderate Unreviewed
CVE-2018-17287 was published May 24, 2022
The file /etc/openstack-dashboard/local_settings within Red Hat OpenStack Platform 2.0 and RHOS... Moderate Unreviewed
CVE-2012-5474 was published Apr 23, 2022
IBM Security Verify Access 10.0.6 could disclose sensitive snapshot information due to missing... Moderate Unreviewed
CVE-2024-25027 was published Mar 31, 2024
** DISPUTED ** Facebook WhatsApp Messenger before 2.16.323 for Android uses the SD card for... Moderate Unreviewed
CVE-2017-8769 was published May 13, 2022
IBM Security Verify Governance 10.0.2 could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2023-35888 was published Mar 20, 2024
The login_to_simulator method in Linden Lab Second Life, as used by the secondlife:// protocol... Moderate Unreviewed
CVE-2007-4961 was published May 1, 2022
LedgerSMB does not set the 'Secure' attribute on the session authorization cookie when the client... Moderate Unreviewed
CVE-2021-3882 was published May 24, 2022
Jenkins Fabric-beta-publisher Plugin stores credentials in plain text Moderate
CVE-2019-1003088 was published for egor-n:fabric-beta-publisher (Maven) May 13, 2022
Jenkins Perfecto Mobile Plugin stores credentials in plain text Moderate
CVE-2019-1003095 was published for org.jenkins-ci.plugins:perfectomobile (Maven) May 13, 2022
Jenkins Open STF Plugin stores credentials in plain text Moderate
CVE-2019-1003094 was published for org.jenkins-ci.plugins:open-stf (Maven) May 13, 2022
Missing encryption in the RFID tags of the Hozard alarm system (Alarmsysteem) v1.0 allow... Moderate Unreviewed
CVE-2023-50126 was published Jan 11, 2024
Missing encryption in the NFC tags of the Flient Smart Door Lock v1.0 allows attackers to create... Moderate Unreviewed
CVE-2023-50129 was published Jan 11, 2024
IBM Security Access Manager Appliance (IBM Security Verify Access Appliance 10.0.0.0 through 10.0... Moderate Unreviewed
CVE-2023-38267 was published Jan 11, 2024
Jenkins Upload to pgyer Plugin stores credentials in plain text Moderate
CVE-2019-1003089 was published for ren.helloworld:upload-pgyer (Maven) May 13, 2022
Jenkins Active Directory Plugin vulnerable to Active Directory credential disclosure Moderate
CVE-2023-37943 was published for org.jenkins-ci.plugins:active-directory (Maven) Jul 12, 2023
If LibreOffice has an encrypted document open and crashes, that document is auto-saved encrypted.... Moderate Unreviewed
CVE-2020-12801 was published May 24, 2022
Jenkins CloudFormation Plugin stores credentials in plain text Moderate
CVE-2019-1003061 was published for org.jenkins-ci.plugins:jenkins-cloudformation-plugin (Maven) May 13, 2022
Cleartext Transmission of Sensitive Information in Jenkins Configuration as Code Plugin Moderate
CVE-2019-10363 was published for io.jenkins:configuration-as-code (Maven) May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database