GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,925
Composer 4,272
Erlang 31
GitHub Actions 21
Go 2,047
Maven 5,232
npm 3,739
NuGet 666
pip 3,415
Pub 12
RubyGems 891
Rust 868
Swift 36

Unreviewed advisories

All unreviewed 238,363

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

275 advisories

Filter by severity

Sort by

Least recently updated

IBM Maximo Application Suite - Manage Component 8.8.0 and 8.9.0 transmits sensitive information... Moderate Unreviewed

CVE-2023-27861 was published Jun 5, 2023

Cleartext Transmission of Sensitive Information vulnerability in ABB Terra AC wallbox (UL40/80A),... Moderate Unreviewed

CVE-2023-0864 was published May 17, 2023

Cleartext transmission of sensitive information exists in SkyBridge MB-A100/110 firmware Ver. 4.2... Moderate Unreviewed

CVE-2023-25070 was published May 10, 2023

Cleartext Transmission in cookie:ecos_pw: in Tenda N301 v6.0, firmware v12.03.01.06_pt allows an... Moderate Unreviewed

CVE-2023-29681 was published May 2, 2023

Cleartext Transmission in set-cookie:ecos_pw: Tenda N301 v6.0, Firmware v12.02.01.61_multi allows... Moderate Unreviewed

CVE-2023-29680 was published May 2, 2023

An issue was discovered in GitLab Community and Enterprise Edition before 11.11.8, 12 before 12.0... Moderate Unreviewed

CVE-2019-14942 was published Apr 16, 2023

The login password of the web administrative dashboard in Arcadyan Wifi routers VRV9506JAC23 is... Moderate Unreviewed

CVE-2020-9420 was published Dec 14, 2022

Nordic Semiconductor Android BLE Library through 2.2.1 and DFU Library through 1.10.4 for Android... Moderate Unreviewed

CVE-2020-15509 was published May 24, 2022

In versions prior to 3.3.0, the NGINX Controller is configured to communicate with its Postgres... Moderate Unreviewed

CVE-2020-5865 was published May 24, 2022

Stephan Mooltipass Moolticute through 0.42.1 (and possibly earlier versions) has Incorrect Access... Moderate Unreviewed

CVE-2019-12967 was published May 24, 2022

An issue was discovered in the RENPHO application 3.0.0 for iOS. It transmits JSON data... Moderate Unreviewed

CVE-2019-14808 was published May 24, 2022

JetBrains Toolbox before 1.15.5605 was resolving an internal URL via a cleartext http connection. Moderate Unreviewed

CVE-2019-14959 was published May 24, 2022

Encrypted S/MIME parts in a crafted multipart/alternative message can leak plaintext when... Moderate Unreviewed

CVE-2019-11739 was published May 24, 2022

A vulnerability was found in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner. Actions... Moderate Unreviewed

CVE-2019-12820 was published May 24, 2022

Pidgin 2.10.0 uses DBUS for certain cleartext communication, which allows local users to obtain... Moderate Unreviewed

CVE-2012-1257 was published Apr 23, 2022

** UNSUPPPORTED WHEN ASSIGNED ** The lack of web request control on ekorCCP and ekorRCI devices... Moderate Unreviewed

CVE-2022-47560 was published Sep 20, 2023

An issue was discovered in YSoft SAFEQ 6 Server before 6.0.82. When modifying the URL of the LDAP... Moderate Unreviewed

CVE-2023-35833 was published Jul 13, 2023

A cleartext transmission of sensitive information vulnerability exists in curl <v7.88.0 that... Moderate Unreviewed

CVE-2023-23915 was published Feb 23, 2023

When curl is instructed to get content using the metalink feature, and a user name and password... Moderate Unreviewed

CVE-2021-22923 was published May 24, 2022

mysql-gui-tools (mysql-query-browser and mysql-admin) before 5.0r14+openSUSE-2.3 exposes the... Moderate Unreviewed

CVE-2010-4177 was published Apr 21, 2022

IBM MQ Operator 2.0.0 LTS, 2.0.18 LTS, 3.0.0 CD, 3.0.1 CD, 2.4.0 through 2.4.7, 2.3.0 through 2.3... Moderate Unreviewed

CVE-2023-47745 was published Mar 3, 2024

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.3... Moderate Unreviewed

CVE-2023-42016 was published Feb 9, 2024

The POPS! Rebel application 5.0 for Android, in POPS! Rebel Bluetooth Glucose Monitoring System,... Moderate Unreviewed

CVE-2023-46447 was published Jan 20, 2024

An attacker with access to the network where the affected devices are located could... Moderate Unreviewed

CVE-2023-40544 was published Feb 7, 2024

Joomla! 1.5.8 does not set the secure flag for the session cookie in an https session, which... Moderate Unreviewed

CVE-2008-4122 was published May 2, 2022

Previous 1 2 3 4 5 … 10 11 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

275 advisories