GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
232 advisories
OpenStack Keystone V3 /credentials endpoint policy logic allows to change credentials owner or target project ID
High | CVE-2020-12691 was published for keystone (pip) | May 24, 2022

Universal Robots control box CB 3.1 across firmware versions (tested on 1.12.1, 1.12, 1.11 and 1...
High | Unreviewed | CVE-2020-10267 was published | May 24, 2022

An issue was discovered on Fujitsu Wireless Keyboard Set LX390 GK381 devices. Because of the lack...
High | Unreviewed | CVE-2019-18201 was published | May 24, 2022

Search Guard versions before 23.1 had an issue that for aggregations clear text values of...
High | Unreviewed | CVE-2019-13419 was published | May 24, 2022

JetBrains IntelliJ IDEA projects created using the Kotlin (JS Client/JVM Server) IDE Template...
High | Unreviewed | CVE-2019-10103 was published | May 24, 2022

A vulnerability reported in Lenovo Service Bridge before version 4.1.0.1 could allow unencrypted...
High | Unreviewed | CVE-2019-6169 was published | May 24, 2022

An issue was discovered on Moxa AWK-3121 1.14 devices. The device provides a Wi-Fi connection...
High | Unreviewed | CVE-2018-10694 was published | May 24, 2022

An issue was discovered on Moxa AWK-3121 1.14 devices. The device by default allows HTTP traffic...
High | Unreviewed | CVE-2018-10690 was published | May 24, 2022

During HE deployment via cockpit-ovirt, cockpit-ovirt generates an ansible variable file `/var...
High | Unreviewed | CVE-2019-10139 was published | May 24, 2022

OpenAPI Tools OpenAPI Generator uses HTTP in various files
High | CVE-2019-11405 was published for org.openapitools:openapi-generator (Maven) | May 24, 2022

In Schneider Electric Pelco Sarix Professional 1st generation cameras with firmware versions...
High | Unreviewed | CVE-2018-7781 was published | May 13, 2022

OnCommand Unified Manager for 7-Mode (core package) prior to 5.2.4 uses cookies that lack the...
High | Unreviewed | CVE-2018-5481 was published | May 13, 2022

An issue was discovered in Flexense DiskBoss 8.8.16 and earlier. Due to the usage of plaintext...
High | Unreviewed | CVE-2018-5261 was published | May 13, 2022

Plaintext of decrypted emails can leak through the src attribute of remote images, or links. This...
High | Unreviewed | CVE-2018-5162 was published | May 13, 2022

Craft CMS Vulnerable to Server-Side Template Injection
High | CVE-2018-20465 was published for craftcms/cms (Composer) | May 13, 2022

Ansible Leaks Data Passed to ssh-keygen
High | CVE-2018-16837 was published for ansible (pip) | May 13, 2022

Thomson Reuters UltraTax CS 2017 on Windows has a password protection option; however, the level...
High | Unreviewed | CVE-2018-14608 was published | May 13, 2022

Thomson Reuters UltraTax CS 2017 on Windows, in a client/server configuration, transfers customer...
High | Unreviewed | CVE-2018-14607 was published | May 13, 2022

Missing Encryption of Sensitive Data in Apache Guacamole
High | CVE-2018-1340 was published for org.apache.guacamole:guacamole-common (Maven) | May 13, 2022

KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in KDE Applications before 17...
High | Unreviewed | CVE-2017-9604 was published | May 13, 2022

Wireless IP Camera (P2P) WIFICAM devices rely on a cleartext UDP tunnel protocol (aka the Cloud...
High | Unreviewed | CVE-2017-8221 was published | May 13, 2022

Octopus before 3.17.7 allows attackers to obtain sensitive cleartext information by reading a...
High | Unreviewed | CVE-2017-15609 was published | May 13, 2022

In the "Diary with lock" (aka WriteDiary) application 4.72 for Android, neither HTTPS nor other...
High | Unreviewed | CVE-2017-15581 was published | May 13, 2022

Inappropriate implementation in ChromeVox in Google Chrome OS prior to 62.0.3202.74 allowed a...
High | Unreviewed | CVE-2017-15397 was published | May 13, 2022

In version 1012 and prior of Insteon's Insteon Hub, the radio transmissions used for...
High | Unreviewed | CVE-2017-5251 was published | May 13, 2022
ProTip! Advisories are also available from the GraphQL API.