GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
166 advisories
Jenkins Jira Issue Updater Plugin stores credentials in plain text
Moderate
CVE-2019-1003054 was published for info.bluefloyd.jenkins:jenkins-jira-issue-updater (Maven) on May 13, 2022
Jenkins WebSphere Deployer Plugin stores credentials in plain text
Moderate
CVE-2019-1003056 was published for org.jenkins-ci.plugins:websphere-deployer (Maven) on May 13, 2022
An issue was discovered on ABUS Secvest wireless alarm system FUAA50000 3.01.01 in conjunction...
Moderate
Unreviewed
CVE-2019-9862 was published on May 13, 2022
Medtronic N'Vision Clinician Programmer 8840 N'Vision Clinician Programmer, all versions, and...
Moderate
Unreviewed
CVE-2018-8849 was published on May 13, 2022
A vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All...
Moderate
Unreviewed
CVE-2018-4855 was published on May 13, 2022
In Elasticsearch versions 6.0.0-beta1 to 6.2.4 a disclosure flaw was found in the _snapshot API....
Moderate
Unreviewed
CVE-2018-3826 was published on May 13, 2022
IBM Cloud Private 3.1.1 could allow a local user with administrator privileges to intercept...
Moderate
Unreviewed
CVE-2018-1938 was published on May 13, 2022
IBM Cloud Private 3.1.1 could allow a local user with administrator privileges to intercept...
Moderate
Unreviewed
CVE-2018-1937 was published on May 13, 2022
Boston Scientific ZOOM LATITUDE PRM Model 3120 does not encrypt PHI at rest. CVSS v3 base score:...
Moderate
Unreviewed
CVE-2017-14012 was published on May 13, 2022
** DISPUTED ** Facebook WhatsApp Messenger before 2.16.323 for Android uses the SD card for...
Moderate
Unreviewed
CVE-2017-8769 was published on May 13, 2022
** DISPUTED ** HikVision Wi-Fi IP cameras, when used in a wired configuration, allow physically...
Moderate
Unreviewed
CVE-2017-14953 was published on May 13, 2022
The L2TP Client in MikroTik RouterOS versions 6.83.3 and 6.37.4 does not enable IPsec encryption...
Moderate
Unreviewed
CVE-2017-6297 was published on May 13, 2022
In PostgreSQL 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6...
Moderate
Unreviewed
CVE-2017-7485 was published on May 13, 2022
FusionSphere OpenStack with software V100R006C00SPC102(NFV) and V100R006C10 have an information...
Moderate
Unreviewed
CVE-2017-8168 was published on May 13, 2022
The Google I/O 2017 application before 5.1.4 for Android downloads multiple .json files from http...
Moderate
Unreviewed
CVE-2017-9045 was published on May 13, 2022
A Malformed Input String to /cgi-bin/api-get_line_status on Grandstream GXP16xx VoIP 1.0.4.128...
Moderate
Unreviewed
CVE-2018-17563 was published on May 13, 2022
A vulnerability has been identified in SIMATIC WinCC OA Operator iOS App (All versions < V1.4)....
Moderate
Unreviewed
CVE-2018-4847 was published on May 13, 2022
Plaintext of decrypted emails can leak through by user submitting an embedded form. This...
Moderate
Unreviewed
CVE-2018-5185 was published on May 13, 2022
NetApp SnapCenter Server prior to 4.1 does not set the secure flag for a sensitive cookie in an...
Moderate
Unreviewed
CVE-2018-5482 was published on May 13, 2022
The VMware Content Locker for iOS prior to 4.14 contains a data protection vulnerability in the...
Moderate
Unreviewed
CVE-2018-6976 was published on May 13, 2022
The AirWatch Agent for iOS prior to 5.8.1 contains a data protection vulnerability whereby the...
Moderate
Unreviewed
CVE-2018-6975 was published on May 13, 2022
A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 ...
Moderate
Unreviewed
CVE-2022-24045 was published on May 21, 2022
In Kofax Front Office Server Administration Console 4.1.1.11.0.5212, some fields, such as...
Moderate
Unreviewed
CVE-2018-17287 was published on May 24, 2022
Cleartext Transmission of Sensitive Information in Jenkins Configuration as Code Plugin
Moderate
CVE-2019-10363 was published for io.jenkins:configuration-as-code (Maven) on May 24, 2022
Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel...
Moderate
Unreviewed
CVE-2019-1547 was published on May 24, 2022