GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,090
Composer 4,324
Erlang 31
GitHub Actions 21
Go 2,086
Maven 5,251
npm 3,749
NuGet 674
pip 3,437
Pub 12
RubyGems 892
Rust 881
Swift 37

Unreviewed advisories

All unreviewed 241,586

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

166 advisories

Filter by severity

Sort by

Least recently updated

In situations where an attacker receives automated notification of the success or failure of a... Moderate Unreviewed

CVE-2019-1563 was published May 24, 2022

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). An... Moderate Unreviewed

CVE-2019-13922 was published May 24, 2022

IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, and 10.4.1 does not set the secure attribute on... Moderate Unreviewed

CVE-2019-4171 was published May 24, 2022

Online upgrade information in some firmware packages of Dahua products is not encrypted.... Moderate Unreviewed

CVE-2019-9681 was published May 24, 2022

JetBrains IntelliJ IDEA before 2019.2 was resolving the markdown plantuml artifact download link... Moderate Unreviewed

CVE-2019-14954 was published May 24, 2022

JetBrains Toolbox before 1.15.5605 was resolving an internal URL via a cleartext http connection. Moderate Unreviewed

CVE-2019-14959 was published May 24, 2022

The Anhui Huami Mi Fit application before 4.0.11 for Android has an Unencrypted Update Check. Moderate Unreviewed

CVE-2019-19463 was published May 24, 2022

An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build... Moderate Unreviewed

CVE-2019-16672 was published May 24, 2022

wolfSSL and wolfCrypt 4.1.0 and earlier (formerly known as CyaSSL) generate biased DSA nonces.... Moderate Unreviewed

CVE-2019-14317 was published May 24, 2022

DTEN D5 before 1.3 and D7 before 1.3 devices transfer customer data files via unencrypted HTTP. Moderate Unreviewed

CVE-2019-16274 was published May 24, 2022

The ADB (formerly Pirelli Broadband Solutions) P.DGA4001N router with firmware PDG_TEF_SP_4.06L.6... Moderate Unreviewed

CVE-2015-0558 was published May 24, 2022

An issue was discovered in Wing FTP Server 6.2.5 before February 2020. Due to insecure... Moderate Unreviewed

CVE-2020-9470 was published May 24, 2022

An issue was detected in ONAP Portal through Dublin. By executing a padding oracle attack using... Moderate Unreviewed

CVE-2019-12121 was published May 24, 2022

NETSAS Enigma NMS 65.0.0 and prior does not encrypt sensitive data stored within the SQL database... Moderate Unreviewed

CVE-2019-16062 was published May 24, 2022

NETSAS Enigma NMS 65.0.0 and prior does not encrypt sensitive data rendered within web pages. It... Moderate Unreviewed

CVE-2019-16063 was published May 24, 2022

Arm Mbed TLS before 2.6.15 allows attackers to obtain sensitive information (an RSA private key)... Moderate Unreviewed

CVE-2020-10941 was published May 24, 2022

A CSRF token disclosure vulnerability allows a remote attacker, with access to an authenticated... Moderate Unreviewed

CVE-2019-18376 was published May 24, 2022

Users can lock their notes with a password in Memono version 3.8. Thus, users needs to know a... Moderate Unreviewed

CVE-2020-11826 was published May 24, 2022

In JetBrains GoLand before 2019.3.2, the plugin repository was accessed via HTTP instead of HTTPS. Moderate Unreviewed

CVE-2020-11685 was published May 24, 2022

On BIG-IP ASM 11.6.1-11.6.5.1, under certain configurations, the BIG-IP system sends data plane... Moderate Unreviewed

CVE-2020-5879 was published May 24, 2022

OpenStack Keystone does not check signature TTL of the EC2 credential auth method Moderate

CVE-2020-12692 was published for keystone (pip) May 24, 2022

An issue was discovered in Ignite Realtime Spark 2.8.3 (and the ROAR plugin for it) on Windows. A... Moderate Unreviewed

CVE-2020-12772 was published May 24, 2022

If LibreOffice has an encrypted document open and crashes, that document is auto-saved encrypted.... Moderate Unreviewed

CVE-2020-12801 was published May 24, 2022

In Argent RecoveryManager before 0xdc350d09f71c48c5D22fBE2741e4d6A03970E192, the executeRecovery... Moderate Unreviewed

CVE-2020-15302 was published May 24, 2022

Nordic Semiconductor Android BLE Library through 2.2.1 and DFU Library through 1.10.4 for Android... Moderate Unreviewed

CVE-2020-15509 was published May 24, 2022

Previous 1 2 3 4 5 6 7 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

166 advisories