Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,411
Erlang
33
GitHub Actions
22
Go
2,146
Maven
5,000+
npm
3,808
NuGet
687
pip
3,481
Pub
12
RubyGems
897
Rust
899
Swift
38
Unreviewed advisories
All unreviewed
5,000+

195 advisories

Loading
A user running a quick search on a highly forwarded message on WhatsApp for Android from v2.20... High Unreviewed
CVE-2020-1902 was published May 24, 2022
D-Link DIR-865L Ax 1.20B01 Beta devices have Cleartext Transmission of Sensitive Information. High Unreviewed
CVE-2020-13787 was published May 24, 2022
The Administration page on Connect Box EuroDOCSIS 3.0 Voice Gateway CH7465LG-NCIP-6.12.18.25-2p6... High Unreviewed
CVE-2019-19967 was published May 24, 2022
A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists in Modicon M580,... High Unreviewed
CVE-2019-6845 was published May 24, 2022
The Deep Security Manager application (Versions 10.0, 11.0 and 12.0), when configured in a... High Unreviewed
CVE-2019-15626 was published May 24, 2022
The web application portal of the Cobham EXPLORER 710, firmware version 1.07, sends the login... High Unreviewed
CVE-2019-9532 was published May 24, 2022
Jenkins SourceGear Vault plugin transmits credentials in plain text High
CVE-2019-10435 was published for org.jenkins-ci.plugins:vault-scm-plugin (Maven) May 24, 2022
Cleartext Transmission of Sensitive Information in Apache MINA High
CVE-2019-0231 was published for org.apache.mina:mina-core (Maven) May 24, 2022
The Nulock application 1.5.0 for mobile devices sends a cleartext password over Bluetooth, which... High Unreviewed
CVE-2019-16924 was published May 24, 2022
The handshake protocol in Object Management Group (OMG) DDS Security 1.1 sends cleartext... High Unreviewed
CVE-2019-15135 was published May 24, 2022
One Identity Cloud Access Manager 8.1.3 does not use HTTP Strict Transport Security (HSTS), which... High Unreviewed
CVE-2019-13498 was published May 24, 2022
JetBrains Ktor framework (created using the Kotlin IDE template) versions before 1.1.0 were... High Unreviewed
CVE-2019-10102 was published May 24, 2022
IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 is missing the HTTP Strict... High Unreviewed
CVE-2019-4162 was published May 24, 2022
OnCommand Unified Manager 7-Mode prior to version 5.2.4 shipped without certain HTTP Security... High Unreviewed
CVE-2019-5494 was published May 24, 2022
Oncommand Insight versions prior to 7.3.5 shipped without certain HTTP Security headers... High Unreviewed
CVE-2019-5496 was published May 24, 2022
Potentially compromised builds High
CVE-2019-10249 was published for org.eclipse.xtend:org.eclipse.xtend.core (Maven) May 24, 2022
A cleartext transmission of sensitive information vulnerability in Fortinet FortiManager 5.2.0... High Unreviewed
CVE-2018-1360 was published May 24, 2022
A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P850 (All... High Unreviewed
CVE-2022-29874 was published May 21, 2022
The affected ThroughTek P2P products (SDKs using versions before 3.1.5, any versions with nossl... High Unreviewed
CVE-2021-32934 was published May 20, 2022
Cleartext transmission of sensitive information. The following products are affected: Acronis... High Unreviewed
CVE-2022-30994 was published May 19, 2022
Cleartext transmission of sensitive information. The following products are affected: Acronis... High Unreviewed
CVE-2022-30993 was published May 19, 2022
Setuptools vulnerable to Man-in-the-middle attacks High
CVE-2013-1633 was published for setuptools (pip) May 17, 2022
There is a SRTP icon display vulnerability in Huawei eSpace product. An unauthenticated, remote... High Unreviewed
CVE-2018-7960 was published May 13, 2022
In /usr/local/etc/config/addons/mh/loopupd.sh on eQ-3 AG HomeMatic CCU2 2.29.22 devices, software... High Unreviewed
CVE-2018-7298 was published May 13, 2022
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10... High Unreviewed
CVE-2018-4227 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database