GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
75 advisories
Wokka Lokka Q50 devices through 2021-11-30 allow remote attackers (who know the SIM phone number...
High | Unreviewed | CVE-2021-44480 was published Dec 2, 2021

Skyworth GN542VF Boa version 0.94.13 does not set the Secure flag for the session cookie in an...
High | Unreviewed | CVE-2020-26732 was published May 24, 2022

A missing cryptographic step in the Identity-Based Encryption service of FortiMail before 7.0.0...
High | Unreviewed | CVE-2021-26100 was published May 24, 2022

Quassel through 0.13.1, when --require-ssl is enabled, launches without SSL or TLS support if a...
High | Unreviewed | CVE-2021-34825 was published May 24, 2022

A CWE-311: Missing Encryption of Sensitive Data vulnerability exists that could allow...
High | Unreviewed | CVE-2022-30237 was published Jun 3, 2022

homee Brain Cube v2 (2.28.2 and 2.28.4) devices have sensitive SSH keys within downloadable and...
High | Unreviewed | CVE-2020-24396 was published May 24, 2022

A vulnerability reported in Lenovo Service Bridge before version 4.1.0.1 could allow unencrypted...
High | Unreviewed | CVE-2019-6169 was published May 24, 2022

An issue was discovered on Fujitsu Wireless Keyboard Set LX390 GK381 devices. Because of the lack...
High | Unreviewed | CVE-2019-18201 was published May 24, 2022

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded opt/axess/AXAssets/default_axess/axess...
High | Unreviewed | CVE-2020-15340 was published Sep 30, 2022

A vulnerability has been identified in Climatix POL909 (AWM module) (All versions < V11.34). The...
High | Unreviewed | CVE-2021-40366 was published May 24, 2022

An issue existed with Siri Suggestions access to encrypted data. The issue was fixed by limiting...
High | Unreviewed | CVE-2020-9774 was published May 24, 2022

An issue was discovered in Gradle Enterprise 2018.2 and Gradle Enterprise Build Cache Node 4.1....
High | Unreviewed | CVE-2020-15771 was published May 24, 2022

In isSubmittable and showWarningMessagesIfAppropriate of WifiConfigController.java and...
High | Unreviewed | CVE-2020-27055 was published May 24, 2022

TLS-RSA cipher suites are not disabled in HCL BigFix Inventory up to v10.0.2. If TLS 2.0 and...
High | Unreviewed | CVE-2020-14254 was published May 24, 2022

A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Easergy T300 (firmware 2...
High | Unreviewed | CVE-2020-28217 was published May 24, 2022

Sensitive information disclosure and weak encryption in Pyrescom Termod4 time management devices...
High | Unreviewed | CVE-2020-23162 was published May 24, 2022

Synology Router Manager (SRM) before 1.2.4-8081 does not set the Secure flag for the session...
High | Unreviewed | CVE-2020-27651 was published May 24, 2022

The encryption function of NHIServiSignAdapter fail to verify the file path input by users....
High | Unreviewed | CVE-2020-25842 was published May 24, 2022

A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Easergy T300 (firmware 2...
High | Unreviewed | CVE-2020-28216 was published May 24, 2022

IBM API Connect V10 is impacted by insecure communications during database replication. As the...
High | Unreviewed | CVE-2020-4695 was published May 24, 2022

DJI drone devices sold in 2017 through 2022 broadcast unencrypted information about the drone...
High | Unreviewed | CVE-2022-29945 was published Apr 30, 2022

An issue has been identified in the CTX269106 mitigation tool for Citrix ShareFile storage zones...
High | Unreviewed | CVE-2021-22932 was published May 24, 2022

ECOA BAS controller stores sensitive data (backup exports) in clear-text, thus the...
High | Unreviewed | CVE-2021-41302 was published May 24, 2022

On iSmartAlarm cube devices, there is Incorrect Access Control because a "new key" is transmitted...
High | Unreviewed | CVE-2017-7729 was published May 13, 2022

In Kaspersky Internet Security for Android 11.12.4.1622, some of the application trace files were...
High | Unreviewed | CVE-2017-12817 was published May 13, 2022