Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,339
Erlang
31
GitHub Actions
22
Go
2,099
Maven
5,000+
npm
3,763
NuGet
678
pip
3,448
Pub
12
RubyGems
892
Rust
883
Swift
37
Unreviewed advisories
All unreviewed
5,000+

283 advisories

Loading
A vulnerability has been identified in Siveillance Video Client (All versions). In environments... Moderate Unreviewed
CVE-2020-15785 was published May 24, 2022
u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead... Moderate Unreviewed
CVE-2020-3702 was published May 24, 2022
Passwords transmitted in plain text by Jenkins ReadyAPI Functional Testing Plugin Moderate
CVE-2020-2251 was published for org.jenkins-ci.plugins:soapui-pro-functional-testing (Maven) May 24, 2022
NotMyFault
NCR SelfServ ATMs running APTRA XFS 05.01.00 do not encrypt, authenticate, or verify the... Moderate Unreviewed
CVE-2020-10124 was published May 24, 2022
Atlassian Bitbucket Server from version 4.9.0 before version 7.2.4 allows remote attackers to... Moderate Unreviewed
CVE-2020-14171 was published May 24, 2022
If Thunderbird is configured to use STARTTLS for an IMAP server, and the server sends a PREAUTH... Moderate Unreviewed
CVE-2020-12398 was published May 24, 2022
Nordic Semiconductor Android BLE Library through 2.2.1 and DFU Library through 1.10.4 for Android... Moderate Unreviewed
CVE-2020-15509 was published May 24, 2022
This vulnerability applies to the Micro Air Vehicle Link (MAVLink) protocol and allows a remote... Moderate Unreviewed
CVE-2020-10281 was published May 24, 2022
Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attack via a PREAUTH response. Moderate Unreviewed
CVE-2020-14093 was published May 24, 2022
Mids' Reborn Hero Designer 2.6.0.7 downloads the update manifest, as well as update files, over... Moderate Unreviewed
CVE-2020-11614 was published May 24, 2022
In versions prior to 3.3.0, the NGINX Controller is configured to communicate with its Postgres... Moderate Unreviewed
CVE-2020-5865 was published May 24, 2022
In versions prior to 3.3.0, the NGINX Controller Agent installer script 'install.sh' uses HTTP... Moderate Unreviewed
CVE-2020-5867 was published May 24, 2022
A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists which could leak... Moderate Unreviewed
CVE-2020-7488 was published May 24, 2022
**VERSION NOT SUPPORTED WHEN ASSIGNED** A vulnerability could cause certain data to be visible on... Moderate Unreviewed
CVE-2020-7483 was published May 24, 2022
SAP Business Objects Business Intelligence Platform (CMC), version 4.1, 4.2, shows cleartext... Moderate Unreviewed
CVE-2020-6195 was published May 24, 2022
NETSAS Enigma NMS 65.0.0 and prior utilises basic authentication over HTTP for enforcing access... Moderate Unreviewed
CVE-2019-16067 was published May 24, 2022
Missing permission checks in Jenkins P4 Plugin Moderate
CVE-2020-2142 was published for org.jenkins-ci.plugins:p4 (Maven) May 24, 2022
NotMyFault
A key length vulnerability in the implementation of the SRTP 128-bit key on Mitel 6800 and 6900... Moderate Unreviewed
CVE-2019-18863 was published May 24, 2022
The Global TV application 2.3.2 for Android and 4.7.5 for iOS sends Unencrypted Analytics. Moderate Unreviewed
CVE-2020-8506 was published May 24, 2022
The Citytv Video application 4.08.0 for Android and 3.35 for iOS sends Unencrypted Analytics. Moderate Unreviewed
CVE-2020-8507 was published May 24, 2022
Some analytics data was sent using HTTP rather than HTTPS. This was addressed by no longer... Moderate Unreviewed
CVE-2019-8632 was published May 24, 2022
An issue was discovered on Humax Wireless Voice Gateway HGB10R-2 20160817_1855 devices. Admin... Moderate Unreviewed
CVE-2019-19890 was published May 24, 2022
An issue was discovered on Humax Wireless Voice Gateway HGB10R-2 20160817_1855 devices. The... Moderate Unreviewed
CVE-2019-19889 was published May 24, 2022
Jenkins SCTMExecutor Plugin stores credentials in plain text Moderate
CVE-2019-16568 was published for hudson.plugins.sctmexecutor:SCTMExecutor (Maven) May 24, 2022
A vulnerability has been identified in SPPA-T3000 Application Server (All versions). The RMI... Moderate Unreviewed
CVE-2019-18285 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database