GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
37 advisories
Filter by severity
The vulnerability exists in TP-Link TL-WR841N V11 3.16.9 Build 160325 Rel.62500n wireless router...
Critical
Unreviewed
CVE-2022-0162
was published
Feb 11, 2022
The affected product is vulnerable due to cleartext transmission of credentials seen in the...
Critical
Unreviewed
CVE-2022-21798
was published
Feb 26, 2022
When users are configured to use startTLS with RBAC LDAP, at login time, the user's credentials...
Critical
Unreviewed
CVE-2018-11749
was published
May 13, 2022
Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A...
Critical
Unreviewed
CVE-2019-6526
was published
May 13, 2022
Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON...
Critical
Unreviewed
CVE-2018-8855
was published
May 13, 2022
In the "NQ Contacts Backup & Restore" application 1.1 for Android, no HTTPS is used for...
Critical
Unreviewed
CVE-2017-15999
was published
May 13, 2022
Missing certificate validation in Apache JMeter
Critical
CVE-2018-1297
was published
for
org.apache.jmeter:ApacheJMeter
(Maven)
May 13, 2022
Unencrypted transmission of images in Tinder iOS app and Tinder Android app allows an attacker to...
Critical
Unreviewed
CVE-2018-6017
was published
May 13, 2022
Fixed sizes of HTTPS responses in Tinder iOS app and Tinder Android app allow an attacker to...
Critical
Unreviewed
CVE-2018-6018
was published
May 13, 2022
Unencrypted way of remote control and communications in Hanwha Techwin Smartcams
Critical
Unreviewed
CVE-2018-6295
was published
May 13, 2022
The FSX / P3Dv4 installer 2.0.1.231 for Flight Sim Labs A320-X sends a user's Google account...
Critical
Unreviewed
CVE-2018-7259
was published
May 13, 2022
A cleartext transmission of sensitive information vulnerability exists in Schneider Electric's...
Critical
Unreviewed
CVE-2018-7246
was published
May 13, 2022
Pivotal Apps Manager Release, versions 665.0.x prior to 665.0.28, versions 666.0.x prior to 666.0...
Critical
Unreviewed
CVE-2019-3793
was published
May 24, 2022
Cloud Foundry cf-deployment, versions prior to 7.9.0, contain java components that are using an...
Critical
Unreviewed
CVE-2019-3801
was published
May 24, 2022
The Customer's Tomedo Server in Version 1.7.3 communicates to the Vendor Tomedo Server via HTTP ...
Critical
Unreviewed
CVE-2019-17393
was published
May 24, 2022
Scheduler for TAS prior to version 1.4.0 was permitting plaintext transmission of UAA client...
Critical
Unreviewed
CVE-2020-5426
was published
May 24, 2022
The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower stores and...
Critical
Unreviewed
CVE-2020-25190
was published
May 24, 2022
IBM API Connect 5.0.0.0 through 5.0.8.10 could potentially leak sensitive information or allow...
Critical
Unreviewed
CVE-2020-4899
was published
May 24, 2022
Dell PowerScale OneFS 8.1.0 - 9.1.0 contains an LDAP Provider inability to connect over TLSv1.2...
Critical
Unreviewed
CVE-2020-26197
was published
May 24, 2022
There is a Cleartext Transmission of Sensitive Information Vulnerability in Huawei Smartphone....
Critical
Unreviewed
CVE-2021-22380
was published
May 24, 2022
AutomationDirect DirectLOGIC is vulnerable to a specifically crafted serial message to the CPU...
Critical
Unreviewed
CVE-2022-2003
was published
Sep 1, 2022
Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0...
Critical
Unreviewed
CVE-2022-34371
was published
Sep 3, 2022
Cleartext Transmission of Sensitive Information vulnerability due to the use of Basic...
Critical
Unreviewed
CVE-2022-33321
was published
Nov 9, 2022
A vulnerability has been identified in SICAM PAS/PQS (All versions < V7.0). Affected software...
Critical
Unreviewed
CVE-2022-43724
was published
Dec 13, 2022
Communication between the client and the server application of the affected products is partially...
Critical
Unreviewed
CVE-2022-3929
was published
Jan 6, 2023
ProTip!
Advisories are also available from the
GraphQL API