GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
507 advisories
Filter by severity
Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attack via a PREAUTH response.
Moderate
Unreviewed
CVE-2020-14093
was published
May 24, 2022
On specific hardware platforms, on BIG-IP versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.7,...
Low
Unreviewed
CVE-2022-41983
was published
Oct 20, 2022
This vulnerability applies to the Micro Air Vehicle Link (MAVLink) protocol and allows a remote...
Moderate
Unreviewed
CVE-2020-10281
was published
May 24, 2022
Mids' Reborn Hero Designer 2.6.0.7 downloads the update manifest, as well as update files, over...
Moderate
Unreviewed
CVE-2020-11614
was published
May 24, 2022
A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists which could leak...
Moderate
Unreviewed
CVE-2020-7488
was published
May 24, 2022
The Configuration pages in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon...
Low
Unreviewed
CVE-2019-19107
was published
May 24, 2022
SAP Business Objects Business Intelligence Platform (CMC), version 4.1, 4.2, shows cleartext...
Moderate
Unreviewed
CVE-2020-6195
was published
May 24, 2022
**VERSION NOT SUPPORTED WHEN ASSIGNED** A vulnerability could cause certain data to be visible on...
Moderate
Unreviewed
CVE-2020-7483
was published
May 24, 2022
In versions prior to 3.3.0, the NGINX Controller Agent installer script 'install.sh' uses HTTP...
Moderate
Unreviewed
CVE-2020-5867
was published
May 24, 2022
NETSAS Enigma NMS 65.0.0 and prior utilises basic authentication over HTTP for enforcing access...
Moderate
Unreviewed
CVE-2019-16067
was published
May 24, 2022
A key length vulnerability in the implementation of the SRTP 128-bit key on Mitel 6800 and 6900...
Moderate
Unreviewed
CVE-2019-18863
was published
May 24, 2022
Credentials transmitted in plain text by Skytap Cloud CI Plugin
Low
CVE-2020-2157
was published
for
org.jenkins-ci.plugins:skytap
(Maven)
May 24, 2022
Credentials transmitted in plain text by Jenkins DeployHub Plugin
Low
CVE-2020-2156
was published
for
com.openmake:deployhub
(Maven)
May 24, 2022
The Citytv Video application 4.08.0 for Android and 3.35 for iOS sends Unencrypted Analytics.
Moderate
Unreviewed
CVE-2020-8507
was published
May 24, 2022
The Global TV application 2.3.2 for Android and 4.7.5 for iOS sends Unencrypted Analytics.
Moderate
Unreviewed
CVE-2020-8506
was published
May 24, 2022
IBM Spectrum Protect Plus 10.1.0 through 10.1.12 discloses sensitive information due to...
Moderate
Unreviewed
CVE-2020-4497
was published
Dec 15, 2022
Cleartext transmission of sensitive information vulnerability in authentication management in...
Moderate
Unreviewed
CVE-2022-27619
was published
Aug 4, 2022
A vulnerability has been identified in Climatix POL909 (AWM module) (All versions < V11.34). The...
High
Unreviewed
CVE-2021-40366
was published
May 24, 2022
Some analytics data was sent using HTTP rather than HTTPS. This was addressed by no longer...
Moderate
Unreviewed
CVE-2019-8632
was published
May 24, 2022
An issue was discovered on Humax Wireless Voice Gateway HGB10R-2 20160817_1855 devices. The...
Moderate
Unreviewed
CVE-2019-19889
was published
May 24, 2022
An issue was discovered on Humax Wireless Voice Gateway HGB10R-2 20160817_1855 devices. Admin...
Moderate
Unreviewed
CVE-2019-19890
was published
May 24, 2022
A vulnerability has been identified in SPPA-T3000 Application Server (All versions). The RMI...
Moderate
Unreviewed
CVE-2019-18285
was published
May 24, 2022
An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build...
Moderate
Unreviewed
CVE-2019-16672
was published
May 24, 2022
GE UR firmware versions prior to version 8.1x web server interface is supported on UR over HTTP...
High
Unreviewed
CVE-2021-27422
was published
Mar 24, 2022
On EX4600, QFX5100 Series, NFX Series, QFX10K Series, QFX5110, QFX5200 Series, QFX5110, QFX5200,...
Low
Unreviewed
CVE-2019-0069
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API