Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

32 advisories

Loading
Dell PowerScale OneFS 8.1.0 - 9.1.0 contains an LDAP Provider inability to connect over TLSv1.2... Critical Unreviewed
CVE-2020-26197 was published May 24, 2022
AutomationDirect DirectLOGIC is vulnerable to a specifically crafted serial message to the CPU... Critical Unreviewed
CVE-2022-2003 was published Sep 1, 2022
Communication between the client and the server application of the affected products is partially... Critical Unreviewed
CVE-2022-3929 was published Jan 6, 2023
Scheduler for TAS prior to version 1.4.0 was permitting plaintext transmission of UAA client... Critical Unreviewed
CVE-2020-5426 was published May 24, 2022
The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower stores and... Critical Unreviewed
CVE-2020-25190 was published May 24, 2022
IBM API Connect 5.0.0.0 through 5.0.8.10 could potentially leak sensitive information or allow... Critical Unreviewed
CVE-2020-4899 was published May 24, 2022
Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0... Critical Unreviewed
CVE-2022-34371 was published Sep 3, 2022
There is a Cleartext Transmission of Sensitive Information Vulnerability in Huawei Smartphone.... Critical Unreviewed
CVE-2021-22380 was published May 24, 2022
A vulnerability has been identified in SICAM PAS/PQS (All versions < V7.0). Affected software... Critical Unreviewed
CVE-2022-43724 was published Dec 13, 2022
When users are configured to use startTLS with RBAC LDAP, at login time, the user's credentials... Critical Unreviewed
CVE-2018-11749 was published May 13, 2022
Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A... Critical Unreviewed
CVE-2019-6526 was published May 13, 2022
Cleartext Transmission of Sensitive Information vulnerability due to the use of Basic... Critical Unreviewed
CVE-2022-33321 was published Nov 9, 2022
Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON... Critical Unreviewed
CVE-2018-8855 was published May 13, 2022
In the "NQ Contacts Backup & Restore" application 1.1 for Android, no HTTPS is used for... Critical Unreviewed
CVE-2017-15999 was published May 13, 2022
Fixed sizes of HTTPS responses in Tinder iOS app and Tinder Android app allow an attacker to... Critical Unreviewed
CVE-2018-6018 was published May 13, 2022
Unencrypted way of remote control and communications in Hanwha Techwin Smartcams Critical Unreviewed
CVE-2018-6295 was published May 13, 2022
A cleartext transmission of sensitive information vulnerability exists in Schneider Electric's... Critical Unreviewed
CVE-2018-7246 was published May 13, 2022
The FSX / P3Dv4 installer 2.0.1.231 for Flight Sim Labs A320-X sends a user's Google account... Critical Unreviewed
CVE-2018-7259 was published May 13, 2022
Unencrypted transmission of images in Tinder iOS app and Tinder Android app allows an attacker to... Critical Unreviewed
CVE-2018-6017 was published May 13, 2022
The vulnerability exists in TP-Link TL-WR841N V11 3.16.9 Build 160325 Rel.62500n wireless router... Critical Unreviewed
CVE-2022-0162 was published Feb 11, 2022
The affected product is vulnerable due to cleartext transmission of credentials seen in the... Critical Unreviewed
CVE-2022-21798 was published Feb 26, 2022
The affected devices transmit sensitive information unencrypted allowing a remote unauthenticated... Critical Unreviewed
CVE-2023-39172 was published Dec 7, 2023
DELL ESI (Enterprise Storage Integrator) for SAP LAMA, version 10.0, contains an information... Critical Unreviewed
CVE-2023-39245 was published Feb 15, 2024
Pivotal Apps Manager Release, versions 665.0.x prior to 665.0.28, versions 666.0.x prior to 666.0... Critical Unreviewed
CVE-2019-3793 was published May 24, 2022
Cloud Foundry cf-deployment, versions prior to 7.9.0, contain java components that are using an... Critical Unreviewed
CVE-2019-3801 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database