Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

507 advisories

Loading
IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) transmits sensitive or security... Moderate Unreviewed
CVE-2017-1232 was published May 13, 2022
IBM Tivoli Monitoring Portal V6 client could allow a local attacker to gain elevated privileges... High Unreviewed
CVE-2017-1181 was published May 13, 2022
Shotwell version 0.24.4 or earlier and 0.25.3 or earlier is vulnerable to an information... High Unreviewed
CVE-2017-1000024 was published May 13, 2022
Gitlab Enterprise Edition version 10.1.0 is vulnerable to an insufficiently protected credential... High Unreviewed
CVE-2017-0925 was published May 13, 2022
A vulnerability in the auto discovery phase of Cisco Spark Hybrid Calendar Service could allow an... High Unreviewed
CVE-2017-12310 was published May 13, 2022
Abbott Laboratories Accent and Anthem pacemakers manufactured prior to Aug 28, 2017 transmit... Moderate Unreviewed
CVE-2017-12716 was published May 13, 2022
An Information Exposure issue was discovered in ProMinent MultiFLEX M10a Controller web interface... Moderate Unreviewed
CVE-2017-14009 was published May 13, 2022
In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, an undocumented, root... High Unreviewed
CVE-2017-5259 was published May 13, 2022
A vulnerability in the detection engine of Cisco Firepower System Software could allow an... Moderate Unreviewed
CVE-2018-0281 was published May 13, 2022
A vulnerability in the detection engine of Cisco Firepower System Software could allow an... Moderate Unreviewed
CVE-2018-0283 was published May 13, 2022
Medtronic MMT 508 MiniMed insulin pump, 522 / MMT - 722 Paradigm REAL-TIME, 523 / MMT - 723... Moderate Unreviewed
CVE-2018-10634 was published May 13, 2022
IBM BigFix Platform 9.2 and 9.5 transmits sensitive or security-critical data in clear text in a... High Unreviewed
CVE-2018-1600 was published May 13, 2022
The Auto-Maskin DCU 210E, RP-210E, and Marine Pro Observer Android App transmit sensitive or... Moderate Unreviewed
CVE-2018-5401 was published May 13, 2022
A Cleartext Transmission of Sensitive Information issue was discovered in Belden Hirschmann RS,... Moderate Unreviewed
CVE-2018-5471 was published May 13, 2022
Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software transmits... High Unreviewed
CVE-2018-8842 was published May 13, 2022
Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON... Critical Unreviewed
CVE-2018-8855 was published May 13, 2022
translate/translate_manager.cc in Google Chrome before 17.0.963.56 and 19.x before 19.0.1036.7... Moderate Unreviewed
CVE-2011-3022 was published May 13, 2022
An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. The default management application... High Unreviewed
CVE-2019-7675 was published May 13, 2022
The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local... Moderate Unreviewed
CVE-2019-5489 was published May 13, 2022
IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 Standard Edition could allow highly sensitive... Moderate Unreviewed
CVE-2019-4063 was published May 13, 2022
Insecure transport protocol in Gradle Moderate
CVE-2019-11065 was published for org.gradle:gradle-core (Maven) May 13, 2022
The QBee MultiSensor Camera through 4.16.4 accepts unencrypted network traffic from clients (such... Moderate Unreviewed
CVE-2018-16225 was published May 13, 2022
IBM i2 Enterprise Insight Analysis 2.1.7 could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2018-1525 was published May 13, 2022
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow a remote attacker to obtain... Moderate Unreviewed
CVE-2018-1454 was published May 13, 2022
Cleartext Transmission of Sensitive Information in Apache CXF Moderate
CVE-2014-0035 was published for org.apache.cxf:cxf-core (Maven) May 13, 2022
sunSUNQ
ProTip! Advisories are also available from the GraphQL API