GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
666
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
541 advisories
Filter by severity
Cisco Adaptive Security Appliance (ASA) running PIX 7.0 before 7.0.7.1, 7.1 before 7.1.2.61, 7.2...
Moderate
Unreviewed
CVE-2007-4786
was published
May 1, 2022
Procom NetFORCE 800 4.02 M10 Build 20 and possibly other versions sends the NIS password map ...
Moderate
Unreviewed
CVE-2005-3140
was published
May 1, 2022
pam_ldap and nss_ldap, when used with OpenLDAP and connecting to a slave using TLS, does not use...
Moderate
Unreviewed
CVE-2005-2069
was published
May 1, 2022
The Network Attached Storage (NAS) Administration Web Page for Iomega NAS A300U transmits...
Moderate
Unreviewed
CVE-2002-1949
was published
Apr 30, 2022
DameWare Mini Remote Control 3.x before 3.74 and 4.x before 4.2 transmits the Blowfish encryption...
Moderate
Unreviewed
CVE-2004-1852
was published
Apr 29, 2022
Pidgin 2.10.0 uses DBUS for certain cleartext communication, which allows local users to obtain...
Moderate
Unreviewed
CVE-2012-1257
was published
Apr 23, 2022
mysql-gui-tools (mysql-query-browser and mysql-admin) before 5.0r14+openSUSE-2.3 exposes the...
Moderate
Unreviewed
CVE-2010-4177
was published
Apr 21, 2022
An information disclosure vulnerability exists in the Web Application functionality of Moxa...
High
Unreviewed
CVE-2021-40392
was published
Apr 15, 2022
An issue was discovered in Softwarebuero Zauner ARC 4.2.0.4. There is Cleartext Transmission of...
Moderate
Unreviewed
CVE-2021-45894
was published
Apr 6, 2022
Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 passwords are...
High
Unreviewed
CVE-2021-32982
was published
Apr 5, 2022
Philips Vue PACS versions 12.2.x.x and prior transmits sensitive or security-critical data in...
High
Unreviewed
CVE-2021-33022
was published
Apr 3, 2022
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in ISS BlackICE PC Protection. It has...
Moderate
Unreviewed
CVE-2003-5002
was published
Mar 29, 2022
Delta Electronics DIAEnergie (Version 1.7.5 and prior) is vulnerable to cleartext transmission as...
High
Unreviewed
CVE-2022-0988
was published
Mar 26, 2022
GE UR firmware versions prior to version 8.1x web server interface is supported on UR over HTTP...
High
Unreviewed
CVE-2021-27422
was published
Mar 24, 2022
ISaGRAF Workbench communicates with Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x...
High
Unreviewed
CVE-2020-25178
was published
Mar 19, 2022
An issue was discovered in Luna Simo PPR1.180610.011/202001031830. It sends the following...
Moderate
Unreviewed
CVE-2021-41849
was published
Mar 13, 2022
An issue was discovered in Rhinode Trading Paints through 2.0.36. TP Updater.exe uses cleartext...
High
Unreviewed
CVE-2021-40846
was published
Mar 5, 2022
The affected product is vulnerable due to cleartext transmission of credentials seen in the...
Critical
Unreviewed
CVE-2022-21798
was published
Feb 26, 2022
Jenkins Pipeline: Groovy Plugin has Insufficiently Protected Credentials
Moderate
CVE-2022-25180
was published
for
org.jenkins-ci.plugins.workflow:workflow-cps
(Maven)
Feb 16, 2022
"catalog's registry v2 api exposed on unauthenticated path in Harbor"
Moderate
CVE-2020-29662
was published
for
github.com/goharbor/harbor
(Go)
Feb 12, 2022
The vulnerability exists in TP-Link TL-WR841N V11 3.16.9 Build 160325 Rel.62500n wireless router...
Critical
Unreviewed
CVE-2022-0162
was published
Feb 11, 2022
Cleartext Transmission of Sensitive Information in /northstar/Admin/login.jsp in Northstar...
High
Unreviewed
CVE-2021-29397
was published
Feb 9, 2022
Fresenius Kabi Agilia Link + version 3.0 does not enforce transport layer encryption. Therefore,...
High
Unreviewed
CVE-2021-41835
was published
Jan 22, 2022
User passwords transmitted in plain text by Jenkins Active Directory Plugin
Moderate
CVE-2022-23105
was published
for
org.jenkins-ci.plugins:active-directory
(Maven)
Jan 13, 2022
Trendnet AC2600 TEW-827DRU version 2.08B01 contains an security flaw in the web interface. HTTPS...
High
Unreviewed
CVE-2021-20154
was published
Dec 31, 2021
ProTip!
Advisories are also available from the
GraphQL API