Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,086
Maven
5,000+
npm
3,749
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

232 advisories

Loading
An issue was discovered in BMC Patrol before 22.1.00. The agent's configuration can be remotely... High Unreviewed
CVE-2023-34258 was published May 31, 2023
Dell CloudIQ Collector version 1.10.2 contains a missing encryption of sensitive data... High Unreviewed
CVE-2023-28045 was published May 19, 2023
The myMail app through 14.30 for iOS sends cleartext credentials in a situation where STARTTLS is... High Unreviewed
CVE-2023-32290 was published May 7, 2023
Universal Robots control box CB 3.1 across firmware versions (tested on 1.12.1, 1.12, 1.11 and 1... High Unreviewed
CVE-2020-10267 was published May 24, 2022
Search Guard versions before 23.1 had an issue that for aggregations clear text values of... High Unreviewed
CVE-2019-13419 was published May 24, 2022
evolution-data-server3 3.0.3 through 3.2.1 used insecure (non-SSL) connection when attempting to... High Unreviewed
CVE-2011-3355 was published Apr 22, 2022
Macaron csrf missing encryption and has sensitive cookies in HTTP session without secure attribute High
CVE-2018-25060 was published for github.com/go-macaron/csrf (Go) Dec 30, 2022
Jenkins HockeyApp Plugin stores credentials in plain text High
CVE-2019-1003053 was published for org.jenkins-ci.plugins:hockeyapp (Maven) May 13, 2022
Cryptographic issue in Automotive while unwrapping the key secs2d and verifying with RPMB data. High Unreviewed
CVE-2023-33037 was published Jan 2, 2024
twitch-tui's connection is not encrypted High
CVE-2023-38688 was published for twitch-tui (Rust) Jul 31, 2023
Roger
apk-parser2 downloads Resources over HTTP High
CVE-2016-10632 was published for apk-parser2 (npm) Sep 18, 2018
ibm_db downloads Resources over HTTP High
CVE-2016-10577 was published for ibm_db (npm) Feb 18, 2019
arrayfire-js downloads Resources over HTTP High
CVE-2016-10598 was published for arrayfire-js (npm) Feb 18, 2019
mystem downloads Resources over HTTP High
CVE-2016-10664 was published for mystem (npm) Feb 18, 2019
scalajs-standalone-bin Downloads Resources over HTTP High
CVE-2016-10634 was published for scalajs-standalone-bin (npm) Feb 18, 2019
closurecompiler downloads Resources over HTTP High
CVE-2016-10582 was published for closurecompiler (npm) Feb 18, 2019
grunt-images downloads Resources over HTTP High
CVE-2016-10645 was published for grunt-images (npm) Aug 15, 2018
frames-compiler downloads Resources over HTTP High
CVE-2016-10649 was published for frames-compiler (npm) Sep 1, 2020
poco downloads Resources over HTTP High
CVE-2016-10659 was published for poco (npm) Feb 18, 2019
windows-build-tools downloads Resources over HTTP High
CVE-2017-16003 was published for windows-build-tools (npm) Nov 9, 2018
herbivore downloads Resources over HTTP High
CVE-2016-10665 was published for herbivore (npm) Feb 18, 2019
headless-browser-lite downloads Resources over HTTP High
CVE-2016-10625 was published for headless-browser-lite (npm) Feb 18, 2019
fuseki downloads Resources over HTTP High
CVE-2016-10576 was published for fuseki (npm) Feb 18, 2019
slimerjs-edge downloads Resources over HTTP High
CVE-2016-10644 was published for slimerjs-edge (npm) Aug 15, 2018
jdf-sass downloads Resources over HTTP High
CVE-2016-10595 was published for jdf-sass (npm) Feb 18, 2019
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database