GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,165
Composer 4,090
Erlang 29
GitHub Actions 19
Go 1,916
Maven 5,108
npm 3,646
NuGet 638
pip 3,263
Pub 10
RubyGems 870
Rust 822
Swift 35

Unreviewed advisories

All unreviewed 229,176

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

256 advisories

Filter by severity

Sort by

Least recently updated

kpac/script.cpp in KDE kio before 5.32 and kdelibs before 4.14.30 calls the PAC FindProxyForURL... Moderate Unreviewed

CVE-2017-6410 was published May 13, 2022

A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE... Moderate Unreviewed

CVE-2017-6665 was published May 13, 2022

An issue was discovered in certain Apple products. The Apple Support app before 1.2 for iOS is... Moderate Unreviewed

CVE-2017-7147 was published May 13, 2022

An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13... Moderate Unreviewed

CVE-2017-7078 was published May 13, 2022

The Themes App Honor 8 Lite Huawei mobile phones with software of versions before Prague... Moderate Unreviewed

CVE-2017-8154 was published May 13, 2022

An issue was discovered on OnePlus One, X, 2, 3, and 3T devices. Due to a lenient updater-script... Moderate Unreviewed

CVE-2017-8850 was published May 13, 2022

An issue was discovered on OnePlus One and X devices. Due to a lenient updater-script on the... Moderate Unreviewed

CVE-2017-8851 was published May 13, 2022

SimpliSafe Original has Unencrypted Sensor Transmissions, which allows physically proximate... Moderate Unreviewed

CVE-2018-11399 was published May 13, 2022

SimpliSafe Original has Unencrypted Keypad Transmissions, which allows physically proximate... Moderate Unreviewed

CVE-2018-11402 was published May 13, 2022

An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The data packets that are sent... Moderate Unreviewed

CVE-2018-11477 was published May 13, 2022

The SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B)... Moderate Unreviewed

CVE-2018-12674 was published May 13, 2022

The IIOP OpenJDK Subsystem in WildFly before version 14.0.0 does not honour configuration when... Moderate Unreviewed

CVE-2018-14627 was published May 13, 2022

The Sky Go Desktop application 1.0.19-1 through 1.0.23-1 for Windows performs several requests... Moderate Unreviewed

CVE-2018-18908 was published May 13, 2022

The Google Cardboard application 1.8 for Android and 1.2 for iOS sends potentially private... Moderate Unreviewed

CVE-2018-19111 was published May 13, 2022

Samsung Display Solutions App before 3.02 for Android allows man-in-the-middle attackers to spoof... Moderate Unreviewed

CVE-2018-6019 was published May 13, 2022

On BIG-IP 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, SNMP may expose... Moderate Unreviewed

CVE-2019-6613 was published May 24, 2022

A vulnerability has been identified in SIMATIC Ident MV420 family (All versions), SIMATIC Ident... Moderate Unreviewed

CVE-2019-10926 was published May 24, 2022

On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and... Moderate Unreviewed

CVE-2019-6640 was published May 24, 2022

JetBrains Kotlin versions before 1.3.30 were resolving artifacts using an http connection during... Moderate Unreviewed

CVE-2019-10101 was published May 24, 2022

A vulnerability was found in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner. Actions... Moderate Unreviewed

CVE-2019-12820 was published May 24, 2022

Cleartext Transmission of Sensitive Information in Jenkins Configuration as Code Plugin Moderate

CVE-2019-10363 was published for io.jenkins:configuration-as-code (Maven) May 24, 2022

In Enigmail below 2.1, an attacker in possession of PGP encrypted emails can wrap them as sub... Moderate Unreviewed

CVE-2019-14664 was published May 24, 2022

Insertion of Sensitive Information into Log File in Jenkins Mask Passwords Plugin Moderate

CVE-2019-10370 was published for org.jenkins-ci.plugins:mask-passwords (Maven) May 24, 2022

Jenkins IBM AppScan Plugin showed plain text password in job configuration form fields Moderate

CVE-2019-10391 was published for com.hcl.security:ibm-application-security (Maven) May 24, 2022

An issue was discovered in Grafana 5.4.0. Passwords for data sources used by Grafana (e.g., MySQL... Moderate Unreviewed

CVE-2019-15635 was published May 24, 2022

Previous 1 2 3 4 5 … 10 11 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

256 advisories