GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,996
Composer 4,296
Erlang 31
GitHub Actions 21
Go 2,063
Maven 5,239
npm 3,744
NuGet 668
pip 3,424
Pub 12
RubyGems 892
Rust 875
Swift 36

Unreviewed advisories

All unreviewed 239,612

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

238 advisories

Filter by severity

Sort by

Least recently updated

Wokka Lokka Q50 devices through 2021-11-30 allow remote attackers (who know the SIM phone number... High Unreviewed

CVE-2021-44480 was published Dec 2, 2021

An issue was discovered in the eGeeTouch 3rd Generation Travel Padlock application for Android.... Moderate Unreviewed

CVE-2021-44518 was published Dec 3, 2021

There is a Missing sensitive data encryption vulnerability in Huawei Smartphone.Successful... High Unreviewed

CVE-2021-37050 was published Dec 9, 2021

A missing encryption of sensitive data in Fortinet FortiClientEMS version 7.0.1 and below,... Moderate Unreviewed

CVE-2021-36189 was published Dec 10, 2021

An issue was discovered on Digi TransPort Gateway devices through 5.2.13.4. They do not set the... High Unreviewed

CVE-2021-37189 was published Dec 11, 2021

In Modem EMM, there is a possible information disclosure due to a missing data encryption. This... High Unreviewed

CVE-2021-40148 was published Jan 5, 2022

Z-Wave devices based on Silicon Labs 500 series chipsets using CRC-16 encapsulation, including... High Unreviewed

CVE-2020-9058 was published Jan 11, 2022

Z-Wave devices based on Silicon Labs 100, 200, and 300 series chipsets do not support encryption,... High Unreviewed

CVE-2020-9057 was published Jan 11, 2022

Missing encryption of sensitive data vulnerability in 'MIRUPASS' PW10 firmware all versions and ... Moderate Unreviewed

CVE-2022-0183 was published Jan 18, 2022

An information disclosure vulnerability exists in the Web Server functionality of Sealevel... Moderate Unreviewed

CVE-2021-21963 was published Feb 9, 2022

A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions < V5.6.0), RUGGEDCOM ROS... Moderate Unreviewed

CVE-2021-37209 was published Mar 9, 2022

Gradle Enterprise before 2021.4.3 relies on cleartext data transmission in some situations. It... Moderate Unreviewed

CVE-2022-27225 was published Mar 17, 2022

Philips Vue PACS versions 12.2.x.x and prior uses a cryptographic key or password past its... High Unreviewed

CVE-2021-33020 was published Apr 3, 2022

evolution-data-server3 3.0.3 through 3.2.1 used insecure (non-SSL) connection when attempting to... High Unreviewed

CVE-2011-3355 was published Apr 22, 2022

The file /etc/openstack-dashboard/local_settings within Red Hat OpenStack Platform 2.0 and RHOS... Moderate Unreviewed

CVE-2012-5474 was published Apr 23, 2022

DJI drone devices sold in 2017 through 2022 broadcast unencrypted information about the drone... High Unreviewed

CVE-2022-29945 was published Apr 30, 2022

Cast in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for... Moderate Unreviewed

CVE-2017-5042 was published Apr 30, 2022

The login_to_simulator method in Linden Lab Second Life, as used by the secondlife:// protocol... Moderate Unreviewed

CVE-2007-4961 was published May 1, 2022

Cookie without HTTPONLY flag set. NUMBER cookie(s) was set without Secure or HTTPOnly flags. The... Moderate Unreviewed

CVE-2021-27764 was published May 7, 2022

GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and earlier for macOS may... Low Unreviewed

CVE-2019-1573 was published May 13, 2022

On iSmartAlarm cube devices, there is Incorrect Access Control because a "new key" is transmitted... High Unreviewed

CVE-2017-7729 was published May 13, 2022

In Kaspersky Internet Security for Android 11.12.4.1622, some of the application trace files were... High Unreviewed

CVE-2017-12817 was published May 13, 2022

Ansible Tower before version 3.3.3 does not set a secure channel as it is using the default... Critical Unreviewed

CVE-2018-16879 was published May 13, 2022

Moxa IKS and EDS store plaintext passwords, which may allow sensitive information to be read by... High Unreviewed

CVE-2019-6518 was published May 13, 2022

An issue was discovered on ABUS Secvest wireless alarm system FUAA50000 3.01.01 in conjunction... Moderate Unreviewed

CVE-2019-9862 was published May 13, 2022

Previous 1 2 3 4 5 … 9 10 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

238 advisories