GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
666
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
275 advisories
Filter by severity
Encrypted S/MIME parts in a crafted multipart/alternative message can leak plaintext when...
Moderate
Unreviewed
CVE-2019-11739
was published
May 24, 2022
IBM Sterling File Gateway 2.2.0.0 through 6.0.1.0 displays sensitive information in HTTP requests...
Moderate
Unreviewed
CVE-2019-4280
was published
May 24, 2022
JetBrains Toolbox before 1.15.5605 was resolving an internal URL via a cleartext http connection.
Moderate
Unreviewed
CVE-2019-14959
was published
May 24, 2022
An issue was discovered in the RENPHO application 3.0.0 for iOS. It transmits JSON data...
Moderate
Unreviewed
CVE-2019-14808
was published
May 24, 2022
Stephan Mooltipass Moolticute through 0.42.1 (and possibly earlier versions) has Incorrect Access...
Moderate
Unreviewed
CVE-2019-12967
was published
May 24, 2022
A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists in Modicon M580,...
Moderate
Unreviewed
CVE-2019-6846
was published
May 24, 2022
An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build...
Moderate
Unreviewed
CVE-2019-16672
was published
May 24, 2022
An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build...
Moderate
Unreviewed
CVE-2019-16674
was published
May 24, 2022
A vulnerability has been identified in SPPA-T3000 Application Server (All versions). The RMI...
Moderate
Unreviewed
CVE-2019-18285
was published
May 24, 2022
Jenkins SCTMExecutor Plugin stores credentials in plain text
Moderate
CVE-2019-16568
was published
for
hudson.plugins.sctmexecutor:SCTMExecutor
(Maven)
May 24, 2022
An issue was discovered on Humax Wireless Voice Gateway HGB10R-2 20160817_1855 devices. The...
Moderate
Unreviewed
CVE-2019-19889
was published
May 24, 2022
An issue was discovered on Humax Wireless Voice Gateway HGB10R-2 20160817_1855 devices. Admin...
Moderate
Unreviewed
CVE-2019-19890
was published
May 24, 2022
Some analytics data was sent using HTTP rather than HTTPS. This was addressed by no longer...
Moderate
Unreviewed
CVE-2019-8632
was published
May 24, 2022
The Global TV application 2.3.2 for Android and 4.7.5 for iOS sends Unencrypted Analytics.
Moderate
Unreviewed
CVE-2020-8506
was published
May 24, 2022
The Citytv Video application 4.08.0 for Android and 3.35 for iOS sends Unencrypted Analytics.
Moderate
Unreviewed
CVE-2020-8507
was published
May 24, 2022
A key length vulnerability in the implementation of the SRTP 128-bit key on Mitel 6800 and 6900...
Moderate
Unreviewed
CVE-2019-18863
was published
May 24, 2022
Missing permission checks in Jenkins P4 Plugin
Moderate
CVE-2020-2142
was published
for
org.jenkins-ci.plugins:p4
(Maven)
May 24, 2022
NETSAS Enigma NMS 65.0.0 and prior utilises basic authentication over HTTP for enforcing access...
Moderate
Unreviewed
CVE-2019-16067
was published
May 24, 2022
SAP Business Objects Business Intelligence Platform (CMC), version 4.1, 4.2, shows cleartext...
Moderate
Unreviewed
CVE-2020-6195
was published
May 24, 2022
**VERSION NOT SUPPORTED WHEN ASSIGNED** A vulnerability could cause certain data to be visible on...
Moderate
Unreviewed
CVE-2020-7483
was published
May 24, 2022
A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists which could leak...
Moderate
Unreviewed
CVE-2020-7488
was published
May 24, 2022
In versions prior to 3.3.0, the NGINX Controller is configured to communicate with its Postgres...
Moderate
Unreviewed
CVE-2020-5865
was published
May 24, 2022
In versions prior to 3.3.0, the NGINX Controller Agent installer script 'install.sh' uses HTTP...
Moderate
Unreviewed
CVE-2020-5867
was published
May 24, 2022
Mids' Reborn Hero Designer 2.6.0.7 downloads the update manifest, as well as update files, over...
Moderate
Unreviewed
CVE-2020-11614
was published
May 24, 2022
Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attack via a PREAUTH response.
Moderate
Unreviewed
CVE-2020-14093
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API