Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,354
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,779
NuGet
681
pip
3,460
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

33 advisories

Loading
2N Access Commander version 2.1 and prior is vulnerable in default settings to Man In The Middle... High Unreviewed
CVE-2024-47258 was published Feb 6, 2025
Identity verification vulnerability in the ParamWatcher module Impact: Successful exploitation of... Moderate Unreviewed
CVE-2024-12602 was published Feb 6, 2025
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 could allow an... Moderate Unreviewed
CVE-2024-27263 was published Jan 28, 2025
The Object Request Broker (ORB) in IBM SDK, Java Technology Edition 7.1.0.0 through 7.1.5.18 and... Moderate Unreviewed
CVE-2024-27267 was published Aug 14, 2024
ntlk unsafe deserialization vulnerability High
CVE-2024-39705 was published for nltk (pip) Jun 28, 2024
justinrosenthal ekaf
BIG-IP Next Central Manager (CM) may allow an unauthenticated, remote attacker to obtain the BIG... High Unreviewed
CVE-2024-32049 was published May 8, 2024
easyMINE before 2019-12-05 ships with SSH host keys baked into the installation image, which... Unknown Unreviewed
CVE-2019-19751 was published Apr 30, 2024
ethOS through 1.3.3 ships with SSH host keys baked into the installation image, which allows man... Critical Unreviewed
CVE-2019-19755 was published Apr 30, 2024
dectalk-tts Uses Unencrypted HTTP Request High
CVE-2024-31206 was published for dectalk-tts (npm) Apr 4, 2024
AverageHelper JstnMcBrd
IBM QRadar Suite Products 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0... Moderate Unreviewed
CVE-2023-47742 was published Mar 3, 2024
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0... High Unreviewed
CVE-2023-31004 was published Feb 3, 2024
A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept... Moderate Unreviewed
CVE-2023-7008 was published Dec 23, 2023
Go package github.com/edgelesssys/marblerun CLI commands susceptible to MITM attacks High
GHSA-j3rq-4xjw-xg63 was published for github.com/edgelesssys/marblerun (Go) Dec 4, 2023
An authentication bypass vulnerability exists in the CiRpcServerThread() functionality of... High Unreviewed
CVE-2023-32634 was published Oct 12, 2023
Man in the Middle vulnerability, which could allow an attacker to intercept VNF (Virtual Network... Moderate Unreviewed
CVE-2023-4885 was published Oct 3, 2023
Channel Accessible by Non-Endpoint vulnerability in CBOT Chatbot allows Adversary in the Middle ... High Unreviewed
CVE-2023-2885 was published May 25, 2023
A Channel Accessible by Non-Endpoint vulnerability in the Schweitzer Engineering Laboratories SEL... Moderate Unreviewed
CVE-2023-2310 was published May 10, 2023
In all released versions of Eclipse Equinox, at least until version 4.21 (September 2021),... High Unreviewed
CVE-2021-41033 was published May 24, 2022
When an authenticated password change request takes place, this vulnerability could allow the... High Unreviewed
CVE-2021-32926 was published May 24, 2022
A vulnerability found in EdgeMAX EdgeRouter V2.0.9 and earlier could allow a malicious actor to... High Unreviewed
CVE-2021-22909 was published May 24, 2022
curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to... Moderate Unreviewed
CVE-2021-22890 was published May 24, 2022
containernetworking/plugins vulnerable to MitM attacks Moderate
CVE-2020-10749 was published for github.com/containernetworking/plugins (Go) May 24, 2022
Missing SSH host key validation in Jenkins Amazon EC2 Plugin Moderate
CVE-2020-2185 was published for org.jenkins-ci.plugins:ec2 (Maven) May 24, 2022
NotMyFault
MikroTik Winbox 3.20 and below is vulnerable to man in the middle attacks. A man in the middle... Moderate Unreviewed
CVE-2019-3981 was published May 24, 2022
A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a... High Unreviewed
CVE-2019-14899 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database