Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

37 advisories

Loading
A bug in query analysis of certain complex self-referential $lookup subpipelines may result in... Low Unreviewed
CVE-2024-8013 was published Oct 28, 2024
The goTenna pro series does not encrypt the callsigns of its users. These callsigns reveal... Low Unreviewed
CVE-2024-47124 was published Sep 26, 2024
The goTenna Pro ATAK Plugin does not encrypt the callsigns of its users. These callsigns reveal... Low Unreviewed
CVE-2024-45838 was published Sep 26, 2024
[PUNCIA] [CWE-319] Cleartext Transmission of Sensitive Information via HTTP urls in `API_URLS` Low
CVE-2024-41124 was published for puncia (pip) Jul 19, 2024
SCH227 g147
Sametime is impacted by sensitive information passed in URL. Low Unreviewed
CVE-2023-45716 was published Feb 10, 2024
A vulnerability has been identified in COMOS (All versions < V10.4.4). Caching system in the... Low Unreviewed
CVE-2023-43503 was published Nov 14, 2023
A vulnerability has been identified in PT-G503 Series firmware versions prior to v5.2, where the... Low Unreviewed
CVE-2023-5035 was published Nov 2, 2023
A vulnerability was found in Delta Electronics WPLSoft 2.51. It has been classified as... Low Unreviewed
CVE-2023-5461 was published Oct 9, 2023
A vulnerability was found in Intergard SGS 8.7.0. It has been declared as problematic. This... Low Unreviewed
CVE-2023-3763 was published Jul 19, 2023
A vulnerability was found in Intergard SGS 8.7.0 and classified as problematic. Affected by this... Low Unreviewed
CVE-2023-3761 was published Jul 19, 2023
An insecure connection between Systems Manager and CQI Reporter application could expose infusion... Low Unreviewed
CVE-2023-30565 was published Jul 13, 2023
Free5gc v3.2.1 is vulnerable to Information disclosure. Low Unreviewed
CVE-2022-38870 was published Oct 25, 2022
On specific hardware platforms, on BIG-IP versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.7,... Low Unreviewed
CVE-2022-41983 was published Oct 20, 2022
HotelDruid Hotel Management Software v3.0.3 and below was discovered to have exposed session... Low Unreviewed
CVE-2021-42948 was published Sep 17, 2022
Exposure of Sensitive Information in Samsung Dialer application?prior to SMR Aug-2022 Release 1... Low Unreviewed
CVE-2022-33724 was published Aug 6, 2022
Cleartext Storage of Sensitive Information in Jenkins Build Notifications Plugin Low
CVE-2022-34801 was published for tools.devnull:build-notifications (Maven) Jul 1, 2022
NotMyFault
BIOTRONIK CardioMessenger II, The affected products transmit credentials in clear-text prior to... Low Unreviewed
CVE-2019-18248 was published May 24, 2022
GAEN (aka Google/Apple Exposure Notifications) through 2021-04-27 on Android allows attackers to... Low Unreviewed
CVE-2021-31815 was published May 24, 2022
Jenkins Email Extension Plugin SMTP password transmitted and displayed in plain text Low
CVE-2020-2232 was published for org.jenkins-ci.plugins:email-ext (Maven) May 24, 2022
NotMyFault
Passwords transmitted in plain text by Jenkins Stash Branch Parameter Plugin Low
CVE-2020-2210 was published for org.jenkins-ci.plugins:StashBranchParameter (Maven) May 24, 2022
NotMyFault
The Configuration pages in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon... Low Unreviewed
CVE-2019-19107 was published May 24, 2022
Passwords transmitted in plain text by Jenkins Artifactory Plugin Low
CVE-2020-2165 was published for org.jenkins-ci.plugins:artifactory (Maven) May 24, 2022
NotMyFault
Credentials transmitted in plain text by Skytap Cloud CI Plugin Low
CVE-2020-2157 was published for org.jenkins-ci.plugins:skytap (Maven) May 24, 2022
NotMyFault
Credentials transmitted in plain text by Backlog Plugin Low
CVE-2020-2153 was published for org.jenkins-ci.plugins:backlog (Maven) May 24, 2022
NotMyFault
Credentials transmitted in plain text by Jenkins DeployHub Plugin Low
CVE-2020-2156 was published for com.openmake:deployhub (Maven) May 24, 2022
NotMyFault
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database