Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,359
Erlang
33
GitHub Actions
22
Go
2,126
Maven
5,000+
npm
3,787
NuGet
683
pip
3,470
Pub
12
RubyGems
894
Rust
892
Swift
38
Unreviewed advisories
All unreviewed
5,000+

34 advisories

Loading
Forever KidsWatch Call Me KW-50 R36_YDR_A3PW_GM7S_V1.0_2019_07_15_16.19.24_cob_h is vulnerable to... High Unreviewed
CVE-2024-36553 was published Feb 6, 2025
2N Access Commander version 2.1 and prior is vulnerable in default settings to Man In The Middle... High Unreviewed
CVE-2024-47258 was published Feb 6, 2025
Identity verification vulnerability in the ParamWatcher module Impact: Successful exploitation of... Moderate Unreviewed
CVE-2024-12602 was published Feb 6, 2025
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 could allow an... Moderate Unreviewed
CVE-2024-27263 was published Jan 28, 2025
ntlk unsafe deserialization vulnerability High
CVE-2024-39705 was published for nltk (pip) Jun 28, 2024
justinrosenthal ekaf
A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept... Moderate Unreviewed
CVE-2023-7008 was published Dec 23, 2023
ethOS through 1.3.3 ships with SSH host keys baked into the installation image, which allows man... Critical Unreviewed
CVE-2019-19755 was published Apr 30, 2024
IBM QRadar Suite Products 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0... Moderate Unreviewed
CVE-2023-47742 was published Mar 3, 2024
The Object Request Broker (ORB) in IBM SDK, Java Technology Edition 7.1.0.0 through 7.1.5.18 and... Moderate Unreviewed
CVE-2024-27267 was published Aug 14, 2024
easyMINE before 2019-12-05 ships with SSH host keys baked into the installation image, which... Unknown Unreviewed
CVE-2019-19751 was published Apr 30, 2024
BIG-IP Next Central Manager (CM) may allow an unauthenticated, remote attacker to obtain the BIG... High Unreviewed
CVE-2024-32049 was published May 8, 2024
curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to... Moderate Unreviewed
CVE-2021-22890 was published May 24, 2022
dectalk-tts Uses Unencrypted HTTP Request High
CVE-2024-31206 was published for dectalk-tts (npm) Apr 4, 2024
AverageHelper JstnMcBrd
An authentication bypass vulnerability exists in the CiRpcServerThread() functionality of... High Unreviewed
CVE-2023-32634 was published Oct 12, 2023
Man in the Middle vulnerability, which could allow an attacker to intercept VNF (Virtual Network... Moderate Unreviewed
CVE-2023-4885 was published Oct 3, 2023
Channel Accessible by Non-Endpoint vulnerability in CBOT Chatbot allows Adversary in the Middle ... High Unreviewed
CVE-2023-2885 was published May 25, 2023
A Channel Accessible by Non-Endpoint vulnerability in the Schweitzer Engineering Laboratories SEL... Moderate Unreviewed
CVE-2023-2310 was published May 10, 2023
MikroTik Winbox 3.20 and below is vulnerable to man in the middle attacks. A man in the middle... Moderate Unreviewed
CVE-2019-3981 was published May 24, 2022
Pivotal Apps Manager Release, versions 665.0.x prior to 665.0.28, versions 666.0.x prior to 666.0... Critical Unreviewed
CVE-2019-3793 was published May 24, 2022
A vulnerability found in EdgeMAX EdgeRouter V2.0.9 and earlier could allow a malicious actor to... High Unreviewed
CVE-2021-22909 was published May 24, 2022
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0... High Unreviewed
CVE-2023-31004 was published Feb 3, 2024
Missing SSH host key validation in Jenkins Amazon EC2 Plugin Moderate
CVE-2020-2185 was published for org.jenkins-ci.plugins:ec2 (Maven) May 24, 2022
NotMyFault
Go package github.com/edgelesssys/marblerun CLI commands susceptible to MITM attacks High
GHSA-j3rq-4xjw-xg63 was published for github.com/edgelesssys/marblerun (Go) Dec 4, 2023
Machine-In-The-Middle in https-proxy-agent Moderate
GHSA-pc5p-h8pf-mvwp was published for https-proxy-agent (npm) Apr 16, 2020
Insecure Defaults Allow MITM Over TLS in engine.io-client Moderate
CVE-2016-10536 was published for engine.io-client (npm) Feb 18, 2019
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database