Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
666
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+

189 advisories

Loading
SolarWinds Serv-U is submitting an HTTP request when changing or updating the attributes for File... High Unreviewed
CVE-2023-23841 was published Jun 16, 2023
Atlas Copco Power Focus 6000 web server is not a secure connection by default, which could allow... High Unreviewed
CVE-2023-1899 was published Jun 12, 2023
An issue was discovered in Faronics Insight 10.0.19045 on Windows. A suitably positioned attacker... High Unreviewed
CVE-2023-28348 was published May 31, 2023
Snap One OvrC Pro versions prior to 7.3 use HTTP connections when downloading a... High Unreviewed
CVE-2023-31193 was published May 22, 2023
In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory... High Unreviewed
CVE-2023-32784 was published May 15, 2023
An issue was discovered in vTech VCS754 version 1.1.1.A before 1.1.1.H, allows attackers to gain... High Unreviewed
CVE-2023-25437 was published Apr 27, 2023
D-Link DIR-865L Ax 1.20B01 Beta devices have Cleartext Transmission of Sensitive Information. High Unreviewed
CVE-2020-13787 was published May 24, 2022
The Administration page on Connect Box EuroDOCSIS 3.0 Voice Gateway CH7465LG-NCIP-6.12.18.25-2p6... High Unreviewed
CVE-2019-19967 was published May 24, 2022
The Deep Security Manager application (Versions 10.0, 11.0 and 12.0), when configured in a... High Unreviewed
CVE-2019-15626 was published May 24, 2022
The web application portal of the Cobham EXPLORER 710, firmware version 1.07, sends the login... High Unreviewed
CVE-2019-9532 was published May 24, 2022
The Nulock application 1.5.0 for mobile devices sends a cleartext password over Bluetooth, which... High Unreviewed
CVE-2019-16924 was published May 24, 2022
The handshake protocol in Object Management Group (OMG) DDS Security 1.1 sends cleartext... High Unreviewed
CVE-2019-15135 was published May 24, 2022
Oncommand Insight versions prior to 7.3.5 shipped without certain HTTP Security headers... High Unreviewed
CVE-2019-5496 was published May 24, 2022
OnCommand Unified Manager 7-Mode prior to version 5.2.4 shipped without certain HTTP Security... High Unreviewed
CVE-2019-5494 was published May 24, 2022
A cleartext transmission of sensitive information vulnerability in Fortinet FortiManager 5.2.0... High Unreviewed
CVE-2018-1360 was published May 24, 2022
Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains a cleartext transmission of... High Unreviewed
CVE-2024-25960 was published Mar 28, 2024
A vulnerability exists in curl <7.87.0 HSTS check that could be bypassed to trick it to keep... High Unreviewed
CVE-2022-43551 was published Dec 23, 2022
The affected product is vulnerable to a cleartext transmission of sensitive information... High Unreviewed
CVE-2024-0860 was published Mar 14, 2024
An unauthenticated remote attacker can influence the communication due to the lack of encryption... High Unreviewed
CVE-2024-26288 was published Mar 12, 2024
Cleartext Transmission of Sensitive Information in Apache nifi High
CVE-2018-17195 was published for org.apache.nifi:nifi (Maven) Dec 20, 2018
MarkLee131
IBM Security Verify Access 10.0.0.0 through 10.0.6.1 uses insecure protocols in some instances... High Unreviewed
CVE-2023-32328 was published Feb 7, 2024
OKI C5510MFP Printer CU H2.15, PU 01.03.01, System F/W 1.01, and Web Page 1.00 sends the... High Unreviewed
CVE-2008-0374 was published May 1, 2022
The Cisco Linksys WVC54GC wireless video camera before firmware 1.25 sends cleartext... High Unreviewed
CVE-2008-4390 was published May 2, 2022
Jenkins Aqua Security Scanner Plugin showed plain text password in configuration form High
CVE-2019-10428 was published for org.jenkins-ci.plugins:aqua-security-scanner (Maven) May 24, 2022
An issue discovereed in EBYTE E880-IR01-V1.1 allows an attacker to obtain sensitive information... High Unreviewed
CVE-2023-50614 was published Jan 19, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database