GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
52 advisories

Dell PowerScale OneFS 8.1.0 - 9.1.0 contains an LDAP Provider inability to connect over TLSv1.2...
Critical | Unreviewed | CVE-2020-26197 was published May 24, 2022

AutomationDirect DirectLOGIC is vulnerable to a specifically crafted serial message to the CPU...
Critical | Unreviewed | CVE-2022-2003 was published Sep 1, 2022

Communication between the client and the server application of the affected products is partially...
Critical | Unreviewed | CVE-2022-3929 was published Jan 6, 2023

Scheduler for TAS prior to version 1.4.0 was permitting plaintext transmission of UAA client...
Critical | Unreviewed | CVE-2020-5426 was published May 24, 2022

The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower stores and...
Critical | Unreviewed | CVE-2020-25190 was published May 24, 2022

IBM API Connect 5.0.0.0 through 5.0.8.10 could potentially leak sensitive information or allow...
Critical | Unreviewed | CVE-2020-4899 was published May 24, 2022

Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0...
Critical | Unreviewed | CVE-2022-34371 was published Sep 3, 2022

There is a Cleartext Transmission of Sensitive Information Vulnerability in Huawei Smartphone....
Critical | Unreviewed | CVE-2021-22380 was published May 24, 2022

A vulnerability has been identified in SICAM PAS/PQS (All versions < V7.0). Affected software...
Critical | Unreviewed | CVE-2022-43724 was published Dec 13, 2022

When users are configured to use startTLS with RBAC LDAP, at login time, the user's credentials...
Critical | Unreviewed | CVE-2018-11749 was published May 13, 2022

Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A...
Critical | Unreviewed | CVE-2019-6526 was published May 13, 2022

Cleartext Transmission of Sensitive Information vulnerability due to the use of Basic...
Critical | Unreviewed | CVE-2022-33321 was published Nov 9, 2022

Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON...
Critical | Unreviewed | CVE-2018-8855 was published May 13, 2022

In the "NQ Contacts Backup & Restore" application 1.1 for Android, no HTTPS is used for...
Critical | Unreviewed | CVE-2017-15999 was published May 13, 2022

Missing certificate validation in Apache JMeter
Critical | CVE-2018-1297 was published for org.apache.jmeter:ApacheJMeter (Maven) May 13, 2022

Fixed sizes of HTTPS responses in Tinder iOS app and Tinder Android app allow an attacker to...
Critical | Unreviewed | CVE-2018-6018 was published May 13, 2022

Unencrypted way of remote control and communications in Hanwha Techwin Smartcams
Critical | Unreviewed | CVE-2018-6295 was published May 13, 2022

The FSX / P3Dv4 installer 2.0.1.231 for Flight Sim Labs A320-X sends a user's Google account...
Critical | Unreviewed | CVE-2018-7259 was published May 13, 2022

A cleartext transmission of sensitive information vulnerability exists in Schneider Electric's...
Critical | Unreviewed | CVE-2018-7246 was published May 13, 2022

Unencrypted transmission of images in Tinder iOS app and Tinder Android app allows an attacker to...
Critical | Unreviewed | CVE-2018-6017 was published May 13, 2022

The vulnerability exists in TP-Link TL-WR841N V11 3.16.9 Build 160325 Rel.62500n wireless router...
Critical | Unreviewed | CVE-2022-0162 was published Feb 11, 2022

The affected product is vulnerable due to cleartext transmission of credentials seen in the...
Critical | Unreviewed | CVE-2022-21798 was published Feb 26, 2022

The affected devices transmit sensitive information unencrypted allowing a remote unauthenticated...
Critical | Unreviewed | CVE-2023-39172 was published Dec 7, 2023

DELL ESI (Enterprise Storage Integrator) for SAP LAMA, version 10.0, contains an information...
Critical | Unreviewed | CVE-2023-39245 was published Feb 15, 2024

Pivotal Apps Manager Release, versions 665.0.x prior to 665.0.28, versions 666.0.x prior to 666.0...
Critical | Unreviewed | CVE-2019-3793 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API.