GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
275 advisories
Filter by severity
Joomla! 1.5.8 does not set the secure flag for the session cookie in an https session, which...
Moderate
Unreviewed
CVE-2008-4122
was published
May 2, 2022
An attacker with access to the network where the affected devices are located could...
Moderate
Unreviewed
CVE-2023-40544
was published
Feb 7, 2024
The POPS! Rebel application 5.0 for Android, in POPS! Rebel Bluetooth Glucose Monitoring System,...
Moderate
Unreviewed
CVE-2023-46447
was published
Jan 20, 2024
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.3...
Moderate
Unreviewed
CVE-2023-42016
was published
Feb 9, 2024
IBM MQ Operator 2.0.0 LTS, 2.0.18 LTS, 3.0.0 CD, 3.0.1 CD, 2.4.0 through 2.4.7, 2.3.0 through 2.3...
Moderate
Unreviewed
CVE-2023-47745
was published
Mar 3, 2024
mysql-gui-tools (mysql-query-browser and mysql-admin) before 5.0r14+openSUSE-2.3 exposes the...
Moderate
Unreviewed
CVE-2010-4177
was published
Apr 21, 2022
When curl is instructed to get content using the metalink feature, and a user name and password...
Moderate
Unreviewed
CVE-2021-22923
was published
May 24, 2022
A cleartext transmission of sensitive information vulnerability exists in curl <v7.88.0 that...
Moderate
Unreviewed
CVE-2023-23915
was published
Feb 23, 2023
An issue was discovered in YSoft SAFEQ 6 Server before 6.0.82. When modifying the URL of the LDAP...
Moderate
Unreviewed
CVE-2023-35833
was published
Jul 13, 2023
** UNSUPPPORTED WHEN ASSIGNED ** The lack of web request control on ekorCCP and ekorRCI devices...
Moderate
Unreviewed
CVE-2022-47560
was published
Sep 20, 2023
Pidgin 2.10.0 uses DBUS for certain cleartext communication, which allows local users to obtain...
Moderate
Unreviewed
CVE-2012-1257
was published
Apr 23, 2022
A vulnerability was found in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner. Actions...
Moderate
Unreviewed
CVE-2019-12820
was published
May 24, 2022
Encrypted S/MIME parts in a crafted multipart/alternative message can leak plaintext when...
Moderate
Unreviewed
CVE-2019-11739
was published
May 24, 2022
JetBrains Toolbox before 1.15.5605 was resolving an internal URL via a cleartext http connection.
Moderate
Unreviewed
CVE-2019-14959
was published
May 24, 2022
An issue was discovered in the RENPHO application 3.0.0 for iOS. It transmits JSON data...
Moderate
Unreviewed
CVE-2019-14808
was published
May 24, 2022
Stephan Mooltipass Moolticute through 0.42.1 (and possibly earlier versions) has Incorrect Access...
Moderate
Unreviewed
CVE-2019-12967
was published
May 24, 2022
In versions prior to 3.3.0, the NGINX Controller is configured to communicate with its Postgres...
Moderate
Unreviewed
CVE-2020-5865
was published
May 24, 2022
Nordic Semiconductor Android BLE Library through 2.2.1 and DFU Library through 1.10.4 for Android...
Moderate
Unreviewed
CVE-2020-15509
was published
May 24, 2022
The login password of the web administrative dashboard in Arcadyan Wifi routers VRV9506JAC23 is...
Moderate
Unreviewed
CVE-2020-9420
was published
Dec 14, 2022
An issue was discovered in GitLab Community and Enterprise Edition before 11.11.8, 12 before 12.0...
Moderate
Unreviewed
CVE-2019-14942
was published
Apr 16, 2023
Cleartext Transmission in set-cookie:ecos_pw: Tenda N301 v6.0, Firmware v12.02.01.61_multi allows...
Moderate
Unreviewed
CVE-2023-29680
was published
May 2, 2023
Cleartext Transmission in cookie:ecos_pw: in Tenda N301 v6.0, firmware v12.03.01.06_pt allows an...
Moderate
Unreviewed
CVE-2023-29681
was published
May 2, 2023
Cleartext transmission of sensitive information exists in SkyBridge MB-A100/110 firmware Ver. 4.2...
Moderate
Unreviewed
CVE-2023-25070
was published
May 10, 2023
Cleartext Transmission of Sensitive Information vulnerability in ABB Terra AC wallbox (UL40/80A),...
Moderate
Unreviewed
CVE-2023-0864
was published
May 17, 2023
IBM Maximo Application Suite - Manage Component 8.8.0 and 8.9.0 transmits sensitive information...
Moderate
Unreviewed
CVE-2023-27861
was published
Jun 5, 2023
ProTip!
Advisories are also available from the
GraphQL API