Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

631 advisories

Loading
Trendnet AC2600 TEW-827DRU version 2.08B01 contains an security flaw in the web interface. HTTPS... High Unreviewed
CVE-2021-20154 was published Dec 31, 2021
Netgear Nighthawk R6700 version 1.0.4.120 does not utilize secure communication methods to the... High Unreviewed
CVE-2021-20174 was published Dec 31, 2021
Netgear RAX43 version 1.0.3.96 does not utilize secure communications to the web interface. By... High Unreviewed
CVE-2021-20169 was published Dec 31, 2021
Netgear Nighthawk R6700 version 1.0.4.120 does not utilize secure communication methods to the... High Unreviewed
CVE-2021-20175 was published Dec 31, 2021
Fresenius Kabi Agilia Link + version 3.0 does not enforce transport layer encryption. Therefore,... High Unreviewed
CVE-2021-41835 was published Jan 22, 2022
Cleartext Transmission of Sensitive Information in /northstar/Admin/login.jsp in Northstar... High Unreviewed
CVE-2021-29397 was published Feb 9, 2022
The vulnerability exists in TP-Link TL-WR841N V11 3.16.9 Build 160325 Rel.62500n wireless router... Critical Unreviewed
CVE-2022-0162 was published Feb 11, 2022
The affected product is vulnerable due to cleartext transmission of credentials seen in the... Critical Unreviewed
CVE-2022-21798 was published Feb 26, 2022
An issue was discovered in Rhinode Trading Paints through 2.0.36. TP Updater.exe uses cleartext... High Unreviewed
CVE-2021-40846 was published Mar 5, 2022
IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 is missing the HTTP Strict... High Unreviewed
CVE-2019-4162 was published May 24, 2022
IBM Robotic Process Automation 20.12.0 through 21.0.2 defaults to HTTP in some RPA commands when... Moderate Unreviewed
CVE-2023-22863 was published Jan 18, 2023
Cleartext Transmission of Sensitive Information in Jenkins JIRA Pipeline Steps Plugin Moderate
CVE-2023-24440 was published for org.jenkins-ci.plugins:jira-steps (Maven) Jan 26, 2023
Connectwise Automate 2022.11 is vulnerable to Cleartext authentication. Authentication is being... Moderate Unreviewed
CVE-2023-23130 was published Feb 1, 2023
On BIG-IP 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, SNMP may expose... Moderate Unreviewed
CVE-2019-6613 was published May 24, 2022
On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and... Moderate Unreviewed
CVE-2019-6640 was published May 24, 2022
A cleartext transmission vulnerability exists in the web application functionality of Moxa SDS... High Unreviewed
CVE-2022-40693 was published Feb 7, 2023
LS ELECTRIC XBC-DN32U with operating system version 01.80 transmits sensitive information in... High Unreviewed
CVE-2023-22806 was published Feb 15, 2023
Insecure transport protocol in Gradle Moderate
CVE-2019-11065 was published for org.gradle:gradle-core (Maven) May 13, 2022
One Identity Cloud Access Manager 8.1.3 does not use HTTP Strict Transport Security (HSTS), which... High Unreviewed
CVE-2019-13498 was published May 24, 2022
A cleartext transmission vulnerability exists in the Remote Management functionality of Netgear... Moderate Unreviewed
CVE-2022-38458 was published Mar 21, 2023
An authenticated malicious user could acquire the simple mail transfer protocol (SMTP) Password... Moderate Unreviewed
CVE-2023-27927 was published Mar 27, 2023
An issue has been discovered in GitLab DAST API scanner affecting all versions starting from 1.6... Moderate Unreviewed
CVE-2023-1648 was published Mar 28, 2023
Cleartext Transmission of Sensitive Information vulnerability in ForgeRock Inc. OpenIDM and Java... High Unreviewed
CVE-2023-1656 was published Mar 29, 2023
Jenkins Azure Key Vault Plugin does not properly mask credentials Moderate
CVE-2023-30514 was published for org.jenkins-ci.plugins:azure-keyvault (Maven) Apr 12, 2023
Jenkins Kubernetes Plugin does not properly mask credentials Moderate
CVE-2023-30513 was published for org.csanchez.jenkins.plugins:kubernetes (Maven) Apr 12, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database