GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,916
Composer 4,270
Erlang 31
GitHub Actions 21
Go 2,046
Maven 5,231
npm 3,737
NuGet 663
pip 3,415
Pub 12
RubyGems 891
Rust 868
Swift 36

Unreviewed advisories

All unreviewed 238,347

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

541 advisories

Filter by severity

Sort by

Least recently updated

SAP Business Objects Business Intelligence Platform (CMC), version 4.1, 4.2, shows cleartext... Moderate Unreviewed

CVE-2020-6195 was published May 24, 2022

The Configuration pages in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon... Low Unreviewed

CVE-2019-19107 was published May 24, 2022

A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists which could leak... Moderate Unreviewed

CVE-2020-7488 was published May 24, 2022

Mids' Reborn Hero Designer 2.6.0.7 downloads the update manifest, as well as update files, over... Moderate Unreviewed

CVE-2020-11614 was published May 24, 2022

This vulnerability applies to the Micro Air Vehicle Link (MAVLink) protocol and allows a remote... Moderate Unreviewed

CVE-2020-10281 was published May 24, 2022

On specific hardware platforms, on BIG-IP versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.7,... Low Unreviewed

CVE-2022-41983 was published Oct 20, 2022

Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attack via a PREAUTH response. Moderate Unreviewed

CVE-2020-14093 was published May 24, 2022

If Thunderbird is configured to use STARTTLS for an IMAP server, and the server sends a PREAUTH... Moderate Unreviewed

CVE-2020-12398 was published May 24, 2022

u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead... Moderate Unreviewed

CVE-2020-3702 was published May 24, 2022

NCR SelfServ ATMs running APTRA XFS 05.01.00 do not encrypt, authenticate, or verify the... Moderate Unreviewed

CVE-2020-10124 was published May 24, 2022

An issue was discovered in Gradle Enterprise before 2020.2.5. Lack of the secure attribute on the... Moderate Unreviewed

CVE-2020-15767 was published May 24, 2022

A user running a quick search on a highly forwarded message on WhatsApp for Android from v2.20... High Unreviewed

CVE-2020-1902 was published May 24, 2022

A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve... High Unreviewed

CVE-2020-25645 was published May 24, 2022

A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such... Moderate Unreviewed

CVE-2020-1749 was published May 24, 2022

Scheduler for TAS prior to version 1.4.0 was permitting plaintext transmission of UAA client... Critical Unreviewed

CVE-2020-5426 was published May 24, 2022

In certain Secustation products the administrator account password can be read. This affects V2.5... Moderate Unreviewed

CVE-2022-40939 was published Dec 8, 2022

The affected product transmits unencrypted sensitive information, which may allow an attacker to... High Unreviewed

CVE-2020-25155 was published May 24, 2022

UPNP Service listening on port 5555 in Genexis Platinum 4410 Router V2.1 has an action ... Moderate Unreviewed

CVE-2020-25988 was published May 24, 2022

Cleartext Transmission of Sensitive Information vulnerability in BASETech GE-131 BT-1837836... High Unreviewed

CVE-2020-27554 was published May 24, 2022

An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1... Moderate Unreviewed

CVE-2020-29380 was published May 24, 2022

Quick Heal Total Security before version 19.0 transmits quarantine and sysinfo files via clear text. Moderate Unreviewed

CVE-2020-27586 was published May 24, 2022

The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower stores and... Critical Unreviewed

CVE-2020-25190 was published May 24, 2022

An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and below. Its... High Unreviewed

CVE-2020-11718 was published May 24, 2022

Cleartext transmission of sensitive information vulnerability in DDNS in Synology Router Manager ... Moderate Unreviewed

CVE-2020-27657 was published May 24, 2022

Cleartext transmission of sensitive information vulnerability in DDNS in Synology DiskStation... Moderate Unreviewed

CVE-2020-27656 was published May 24, 2022

Previous 1 2 3 4 5 6 … 21 22 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

541 advisories