GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
33 advisories
Filter by severity
Improper data protection on the ventilator's serial interface could allow an attacker to send and...
Critical
Unreviewed
CVE-2024-9834
was published
Nov 14, 2024
An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can...
Critical
Unreviewed
CVE-2024-25735
was published
Mar 27, 2024
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly...
Critical
Unreviewed
CVE-2024-38891
was published
Aug 2, 2024
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All...
Critical
Unreviewed
CVE-2024-30209
was published
May 14, 2024
The Customer's Tomedo Server in Version 1.7.3 communicates to the Vendor Tomedo Server via HTTP ...
Critical
Unreviewed
CVE-2019-17393
was published
May 24, 2022
Privilege Escalation in the "GetUserCurrentPwd" function in Microworld Technologies eScan...
Critical
Unreviewed
CVE-2023-33730
was published
May 31, 2023
A CWE-319: Cleartext transmission of sensitive information vulnerability exists that could
cause...
Critical
Unreviewed
CVE-2022-46680
was published
May 22, 2023
Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 does not defend against physical...
Critical
Unreviewed
CVE-2023-30354
was published
May 10, 2023
Cloud Foundry cf-deployment, versions prior to 7.9.0, contain java components that are using an...
Critical
Unreviewed
CVE-2019-3801
was published
May 24, 2022
Pivotal Apps Manager Release, versions 665.0.x prior to 665.0.28, versions 666.0.x prior to 666.0...
Critical
Unreviewed
CVE-2019-3793
was published
May 24, 2022
DELL ESI (Enterprise Storage Integrator) for SAP LAMA, version 10.0, contains an information...
Critical
Unreviewed
CVE-2023-39245
was published
Feb 15, 2024
The affected devices transmit sensitive information unencrypted allowing a remote unauthenticated...
Critical
Unreviewed
CVE-2023-39172
was published
Dec 7, 2023
The affected product is vulnerable due to cleartext transmission of credentials seen in the...
Critical
Unreviewed
CVE-2022-21798
was published
Feb 26, 2022
The vulnerability exists in TP-Link TL-WR841N V11 3.16.9 Build 160325 Rel.62500n wireless router...
Critical
Unreviewed
CVE-2022-0162
was published
Feb 11, 2022
Unencrypted transmission of images in Tinder iOS app and Tinder Android app allows an attacker to...
Critical
Unreviewed
CVE-2018-6017
was published
May 13, 2022
A cleartext transmission of sensitive information vulnerability exists in Schneider Electric's...
Critical
Unreviewed
CVE-2018-7246
was published
May 13, 2022
The FSX / P3Dv4 installer 2.0.1.231 for Flight Sim Labs A320-X sends a user's Google account...
Critical
Unreviewed
CVE-2018-7259
was published
May 13, 2022
Unencrypted way of remote control and communications in Hanwha Techwin Smartcams
Critical
Unreviewed
CVE-2018-6295
was published
May 13, 2022
Fixed sizes of HTTPS responses in Tinder iOS app and Tinder Android app allow an attacker to...
Critical
Unreviewed
CVE-2018-6018
was published
May 13, 2022
In the "NQ Contacts Backup & Restore" application 1.1 for Android, no HTTPS is used for...
Critical
Unreviewed
CVE-2017-15999
was published
May 13, 2022
Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON...
Critical
Unreviewed
CVE-2018-8855
was published
May 13, 2022
Cleartext Transmission of Sensitive Information vulnerability due to the use of Basic...
Critical
Unreviewed
CVE-2022-33321
was published
Nov 9, 2022
Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A...
Critical
Unreviewed
CVE-2019-6526
was published
May 13, 2022
When users are configured to use startTLS with RBAC LDAP, at login time, the user's credentials...
Critical
Unreviewed
CVE-2018-11749
was published
May 13, 2022
A vulnerability has been identified in SICAM PAS/PQS (All versions < V7.0). Affected software...
Critical
Unreviewed
CVE-2022-43724
was published
Dec 13, 2022
ProTip!
Advisories are also available from the
GraphQL API