GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
452 advisories
Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan...
Low
Unreviewed
CVE-2018-6674 was published May 13, 2022
Plaintext of decrypted emails can leak through the src attribute of remote images, or links. This...
High
Unreviewed
CVE-2018-5162 was published May 13, 2022
Plaintext of decrypted emails can leak through by user submitting an embedded form. This...
Moderate
Unreviewed
CVE-2018-5185 was published May 13, 2022
NetApp SnapCenter Server prior to 4.1 does not set the secure flag for a sensitive cookie in an...
Moderate
Unreviewed
CVE-2018-5482 was published May 13, 2022
A vulnerability has been identified in SIMATIC WinCC OA Operator iOS App (All versions < V1.4)....
Moderate
Unreviewed
CVE-2018-4847 was published May 13, 2022
An issue was discovered in Flexense DiskBoss 8.8.16 and earlier. Due to the usage of plaintext...
High
Unreviewed
CVE-2018-5261 was published May 13, 2022
The AirWatch Agent for iOS prior to 5.8.1 contains a data protection vulnerability whereby the...
Moderate
Unreviewed
CVE-2018-6975 was published May 13, 2022
OnCommand Unified Manager for 7-Mode (core package) prior to 5.2.4 uses cookies that lack the...
High
Unreviewed
CVE-2018-5481 was published May 13, 2022
An issue was discovered on August Connect devices. Insecure data transfer between the August app...
Critical
Unreviewed
CVE-2018-20100 was published May 13, 2022
A Malformed Input String to /cgi-bin/api-get_line_status on Grandstream GXP16xx VoIP 1.0.4.128...
Moderate
Unreviewed
CVE-2018-17563 was published May 13, 2022
Thomson Reuters UltraTax CS 2017 on Windows has a password protection option; however, the level...
High
Unreviewed
CVE-2018-14608 was published May 13, 2022
Thomson Reuters UltraTax CS 2017 on Windows, in a client/server configuration, transfers customer...
High
Unreviewed
CVE-2018-14607 was published May 13, 2022
KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in KDE Applications before 17...
High
Unreviewed
CVE-2017-9604 was published May 13, 2022
FusionSphere OpenStack with software V100R006C00SPC102(NFV) and V100R006C10 have an information...
Moderate
Unreviewed
CVE-2017-8168 was published May 13, 2022
In PostgreSQL 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6...
Moderate
Unreviewed
CVE-2017-7485 was published May 13, 2022
The Google I/O 2017 application before 5.1.4 for Android downloads multiple .json files from http...
Moderate
Unreviewed
CVE-2017-9045 was published May 13, 2022
The L2TP Client in MikroTik RouterOS versions 6.83.3 and 6.37.4 does not enable IPsec encryption...
Moderate
Unreviewed
CVE-2017-6297 was published May 13, 2022
Wireless IP Camera (P2P) WIFICAM devices rely on a cleartext UDP tunnel protocol (aka the Cloud...
High
Unreviewed
CVE-2017-8221 was published May 13, 2022
In the "Diary with lock" (aka WriteDiary) application 4.72 for Android, neither HTTPS nor other...
High
Unreviewed
CVE-2017-15581 was published May 13, 2022
** DISPUTED ** HikVision Wi-Fi IP cameras, when used in a wired configuration, allow physically...
Moderate
Unreviewed
CVE-2017-14953 was published May 13, 2022
Octopus before 3.17.7 allows attackers to obtain sensitive cleartext information by reading a...
High
Unreviewed
CVE-2017-15609 was published May 13, 2022
Inappropriate implementation in ChromeVox in Google Chrome OS prior to 62.0.3202.74 allowed a...
High
Unreviewed
CVE-2017-15397 was published May 13, 2022
In version 1012 and prior of Insteon's Insteon Hub, the radio transmissions used for...
High
Unreviewed
CVE-2017-5251 was published May 13, 2022
In 3S-Smart Software Solutions GmbH CODESYS Control V3 products prior to version 3.5.14.0, user...
Critical
Unreviewed
CVE-2018-10612 was published May 13, 2022
Boston Scientific ZOOM LATITUDE PRM Model 3120 does not encrypt PHI at rest. CVSS v3 base score:...
Moderate
Unreviewed
CVE-2017-14012 was published May 13, 2022