Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

188 advisories

Loading
An issue was discovered in Arm Mbed TLS before 2.23.0. A remote attacker can recover plaintext... High Unreviewed
CVE-2020-36423 was published May 24, 2022
The VeryFitPro (com.veryfit2hr.second) application 3.2.8 for Android does all communication with... High Unreviewed
CVE-2021-32612 was published May 24, 2022
Intra-cluster communication does not use TLS. The services within the NGINX Controller 3.x before... High Unreviewed
CVE-2021-23018 was published May 24, 2022
Cleartext transmission of sensitive information via Moxa Service in NPort IA5000A series serial... High Unreviewed
CVE-2020-27185 was published May 24, 2022
In Fibaro Home Center 2 and Lite devices in all versions provide a web based management interface... High Unreviewed
CVE-2021-20992 was published May 24, 2022
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected... High Unreviewed
CVE-2021-27251 was published May 24, 2022
Cleartext transmission of sensitive information in Netop Vision Pro up to and including 9.7.1... High Unreviewed
CVE-2021-27194 was published May 24, 2022
Advantech Spectre RT ERT351 Versions 5.1.3 and prior logins and passwords are transmitted in... High Unreviewed
CVE-2019-18231 was published May 24, 2022
A CWE-319: Cleartext transmission of sensitive information vulnerability exists in PowerLogic... High Unreviewed
CVE-2021-22702 was published May 24, 2022
A CWE-319: Cleartext transmission of sensitive information vulnerability exists in PowerLogic... High Unreviewed
CVE-2021-22703 was published May 24, 2022
In the management interface on TP-Link Archer C5v 1.7_181221 devices, credentials are sent in a... High Unreviewed
CVE-2021-27209 was published May 24, 2022
IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a remote attacker to obtain... High Unreviewed
CVE-2021-20409 was published May 24, 2022
The affected Reolink P2P products do not sufficiently protect data transferred between the local... High Unreviewed
CVE-2020-25169 was published May 24, 2022
A cleartext transmission of sensitive information vulnerability has been reported to affect... High Unreviewed
CVE-2018-19944 was published May 24, 2022
An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and below. Its... High Unreviewed
CVE-2020-11718 was published May 24, 2022
Cleartext Transmission of Sensitive Information vulnerability in BASETech GE-131 BT-1837836... High Unreviewed
CVE-2020-27554 was published May 24, 2022
The affected product transmits unencrypted sensitive information, which may allow an attacker to... High Unreviewed
CVE-2020-25155 was published May 24, 2022
A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve... High Unreviewed
CVE-2020-25645 was published May 24, 2022
A user running a quick search on a highly forwarded message on WhatsApp for Android from v2.20... High Unreviewed
CVE-2020-1902 was published May 24, 2022
D-Link DIR-865L Ax 1.20B01 Beta devices have Cleartext Transmission of Sensitive Information. High Unreviewed
CVE-2020-13787 was published May 24, 2022
The Administration page on Connect Box EuroDOCSIS 3.0 Voice Gateway CH7465LG-NCIP-6.12.18.25-2p6... High Unreviewed
CVE-2019-19967 was published May 24, 2022
A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists in Modicon M580,... High Unreviewed
CVE-2019-6845 was published May 24, 2022
The Deep Security Manager application (Versions 10.0, 11.0 and 12.0), when configured in a... High Unreviewed
CVE-2019-15626 was published May 24, 2022
The web application portal of the Cobham EXPLORER 710, firmware version 1.07, sends the login... High Unreviewed
CVE-2019-9532 was published May 24, 2022
Jenkins SourceGear Vault plugin transmits credentials in plain text High
CVE-2019-10435 was published for org.jenkins-ci.plugins:vault-scm-plugin (Maven) May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database