GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
167 advisories
A CSRF token disclosure vulnerability allows a remote attacker, with access to an authenticated...
Moderate | Unreviewed | CVE-2019-18376 was published May 24, 2022

Arm Mbed TLS before 2.6.15 allows attackers to obtain sensitive information (an RSA private key)...
Moderate | Unreviewed | CVE-2020-10941 was published May 24, 2022

NETSAS Enigma NMS 65.0.0 and prior does not encrypt sensitive data rendered within web pages. It...
Moderate | Unreviewed | CVE-2019-16063 was published May 24, 2022

NETSAS Enigma NMS 65.0.0 and prior does not encrypt sensitive data stored within the SQL database...
Moderate | Unreviewed | CVE-2019-16062 was published May 24, 2022

An issue was detected in ONAP Portal through Dublin. By executing a padding oracle attack using...
Moderate | Unreviewed | CVE-2019-12121 was published May 24, 2022

An issue was discovered in Wing FTP Server 6.2.5 before February 2020. Due to insecure...
Moderate | Unreviewed | CVE-2020-9470 was published May 24, 2022

The ADB (formerly Pirelli Broadband Solutions) P.DGA4001N router with firmware PDG_TEF_SP_4.06L.6...
Moderate | Unreviewed | CVE-2015-0558 was published May 24, 2022

DTEN D5 before 1.3 and D7 before 1.3 devices transfer customer data files via unencrypted HTTP.
Moderate | Unreviewed | CVE-2019-16274 was published May 24, 2022

wolfSSL and wolfCrypt 4.1.0 and earlier (formerly known as CyaSSL) generate biased DSA nonces....
Moderate | Unreviewed | CVE-2019-14317 was published May 24, 2022

An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build...
Moderate | Unreviewed | CVE-2019-16672 was published May 24, 2022

The Anhui Huami Mi Fit application before 4.0.11 for Android has an Unencrypted Update Check.
Moderate | Unreviewed | CVE-2019-19463 was published May 24, 2022

JetBrains Toolbox before 1.15.5605 was resolving an internal URL via a cleartext http connection.
Moderate | Unreviewed | CVE-2019-14959 was published May 24, 2022

JetBrains IntelliJ IDEA before 2019.2 was resolving the markdown plantuml artifact download link...
Moderate | Unreviewed | CVE-2019-14954 was published May 24, 2022

Online upgrade information in some firmware packages of Dahua products is not encrypted....
Moderate | Unreviewed | CVE-2019-9681 was published May 24, 2022

IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, and 10.4.1 does not set the secure attribute on...
Moderate | Unreviewed | CVE-2019-4171 was published May 24, 2022

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). An...
Moderate | Unreviewed | CVE-2019-13922 was published May 24, 2022

In situations where an attacker receives automated notification of the success or failure of a...
Moderate | Unreviewed | CVE-2019-1563 was published May 24, 2022

Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel...
Moderate | Unreviewed | CVE-2019-1547 was published May 24, 2022

Cleartext Transmission of Sensitive Information in Jenkins Configuration as Code Plugin
Moderate | CVE-2019-10363 was published for io.jenkins:configuration-as-code (Maven) May 24, 2022

In Kofax Front Office Server Administration Console 4.1.1.11.0.5212, some fields, such as...
Moderate | Unreviewed | CVE-2018-17287 was published May 24, 2022

A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 ...
Moderate | Unreviewed | CVE-2022-24045 was published May 21, 2022

The AirWatch Agent for iOS prior to 5.8.1 contains a data protection vulnerability whereby the...
Moderate | Unreviewed | CVE-2018-6975 was published May 13, 2022

The VMware Content Locker for iOS prior to 4.14 contains a data protection vulnerability in the...
Moderate | Unreviewed | CVE-2018-6976 was published May 13, 2022

NetApp SnapCenter Server prior to 4.1 does not set the secure flag for a sensitive cookie in an...
Moderate | Unreviewed | CVE-2018-5482 was published May 13, 2022

Plaintext of decrypted emails can leak through by user submitting an embedded form. This...
Moderate | Unreviewed | CVE-2018-5185 was published May 13, 2022