GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,921
Composer 4,272
Erlang 31
GitHub Actions 21
Go 2,047
Maven 5,231
npm 3,739
NuGet 663
pip 3,415
Pub 12
RubyGems 891
Rust 868
Swift 36

Unreviewed advisories

All unreviewed 238,367

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

275 advisories

Filter by severity

Sort by

Least recently updated

If Thunderbird is configured to use STARTTLS for an IMAP server, and the server sends a PREAUTH... Moderate Unreviewed

CVE-2020-12398 was published May 24, 2022

Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attack via a PREAUTH response. Moderate Unreviewed

CVE-2020-14093 was published May 24, 2022

This vulnerability applies to the Micro Air Vehicle Link (MAVLink) protocol and allows a remote... Moderate Unreviewed

CVE-2020-10281 was published May 24, 2022

Mids' Reborn Hero Designer 2.6.0.7 downloads the update manifest, as well as update files, over... Moderate Unreviewed

CVE-2020-11614 was published May 24, 2022

A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists which could leak... Moderate Unreviewed

CVE-2020-7488 was published May 24, 2022

SAP Business Objects Business Intelligence Platform (CMC), version 4.1, 4.2, shows cleartext... Moderate Unreviewed

CVE-2020-6195 was published May 24, 2022

**VERSION NOT SUPPORTED WHEN ASSIGNED** A vulnerability could cause certain data to be visible on... Moderate Unreviewed

CVE-2020-7483 was published May 24, 2022

In versions prior to 3.3.0, the NGINX Controller Agent installer script 'install.sh' uses HTTP... Moderate Unreviewed

CVE-2020-5867 was published May 24, 2022

NETSAS Enigma NMS 65.0.0 and prior utilises basic authentication over HTTP for enforcing access... Moderate Unreviewed

CVE-2019-16067 was published May 24, 2022

A key length vulnerability in the implementation of the SRTP 128-bit key on Mitel 6800 and 6900... Moderate Unreviewed

CVE-2019-18863 was published May 24, 2022

The Citytv Video application 4.08.0 for Android and 3.35 for iOS sends Unencrypted Analytics. Moderate Unreviewed

CVE-2020-8507 was published May 24, 2022

The Global TV application 2.3.2 for Android and 4.7.5 for iOS sends Unencrypted Analytics. Moderate Unreviewed

CVE-2020-8506 was published May 24, 2022

IBM Spectrum Protect Plus 10.1.0 through 10.1.12 discloses sensitive information due to... Moderate Unreviewed

CVE-2020-4497 was published Dec 15, 2022

Cleartext transmission of sensitive information vulnerability in authentication management in... Moderate Unreviewed

CVE-2022-27619 was published Aug 4, 2022

Some analytics data was sent using HTTP rather than HTTPS. This was addressed by no longer... Moderate Unreviewed

CVE-2019-8632 was published May 24, 2022

An issue was discovered on Humax Wireless Voice Gateway HGB10R-2 20160817_1855 devices. The... Moderate Unreviewed

CVE-2019-19889 was published May 24, 2022

An issue was discovered on Humax Wireless Voice Gateway HGB10R-2 20160817_1855 devices. Admin... Moderate Unreviewed

CVE-2019-19890 was published May 24, 2022

A vulnerability has been identified in SPPA-T3000 Application Server (All versions). The RMI... Moderate Unreviewed

CVE-2019-18285 was published May 24, 2022

An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build... Moderate Unreviewed

CVE-2019-16672 was published May 24, 2022

A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists in Modicon M580,... Moderate Unreviewed

CVE-2019-6846 was published May 24, 2022

An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build... Moderate Unreviewed

CVE-2019-16674 was published May 24, 2022

An issue was discovered in Grafana 5.4.0. Passwords for data sources used by Grafana (e.g., MySQL... Moderate Unreviewed

CVE-2019-15635 was published May 24, 2022

In Enigmail below 2.1, an attacker in possession of PGP encrypted emails can wrap them as sub... Moderate Unreviewed

CVE-2019-14664 was published May 24, 2022

A vulnerability has been identified in SIMATIC Ident MV420 family (All versions), SIMATIC Ident... Moderate Unreviewed

CVE-2019-10926 was published May 24, 2022

Jenkins Gitea Plugin vulnerable to Cleartext Transmission of Sensitive Information Moderate

CVE-2022-46685 was published for org.jenkins-ci.plugins:gitea (Maven) Dec 12, 2022

Previous 1 2 … 7 8 9 10 11 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

275 advisories