Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

631 advisories

Loading
The Deep Security Manager application (Versions 10.0, 11.0 and 12.0), when configured in a... High Unreviewed
CVE-2019-15626 was published May 24, 2022
The web application portal of the Cobham EXPLORER 710, firmware version 1.07, sends the login... High Unreviewed
CVE-2019-9532 was published May 24, 2022
An issue was discovered in the RENPHO application 3.0.0 for iOS. It transmits JSON data... Moderate Unreviewed
CVE-2019-14808 was published May 24, 2022
JetBrains Toolbox before 1.15.5605 was resolving an internal URL via a cleartext http connection. Moderate Unreviewed
CVE-2019-14959 was published May 24, 2022
The Nulock application 1.5.0 for mobile devices sends a cleartext password over Bluetooth, which... High Unreviewed
CVE-2019-16924 was published May 24, 2022
Encrypted S/MIME parts in a crafted multipart/alternative message can leak plaintext when... Moderate Unreviewed
CVE-2019-11739 was published May 24, 2022
The handshake protocol in Object Management Group (OMG) DDS Security 1.1 sends cleartext... High Unreviewed
CVE-2019-15135 was published May 24, 2022
A vulnerability was found in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner. Actions... Moderate Unreviewed
CVE-2019-12820 was published May 24, 2022
Oncommand Insight versions prior to 7.3.5 shipped without certain HTTP Security headers... High Unreviewed
CVE-2019-5496 was published May 24, 2022
OnCommand Unified Manager 7-Mode prior to version 5.2.4 shipped without certain HTTP Security... High Unreviewed
CVE-2019-5494 was published May 24, 2022
Cloud Foundry cf-deployment, versions prior to 7.9.0, contain java components that are using an... Critical Unreviewed
CVE-2019-3801 was published May 24, 2022
A cleartext transmission of sensitive information vulnerability in Fortinet FortiManager 5.2.0... High Unreviewed
CVE-2018-1360 was published May 24, 2022
Pivotal Apps Manager Release, versions 665.0.x prior to 665.0.28, versions 666.0.x prior to 666.0... Critical Unreviewed
CVE-2019-3793 was published May 24, 2022
Pidgin 2.10.0 uses DBUS for certain cleartext communication, which allows local users to obtain... Moderate Unreviewed
CVE-2012-1257 was published Apr 23, 2022
Jenkins Aqua Security Serverless Scanner Plugin showed plain text password in job configuration form fields Low
CVE-2019-10397 was published for org.jenkins-ci.plugins:aqua-serverless (Maven) May 24, 2022
andrewpollock
** UNSUPPPORTED WHEN ASSIGNED ** The lack of web request control on ekorCCP and ekorRCI devices... Moderate Unreviewed
CVE-2022-47560 was published Sep 20, 2023
An issue was discovered in YSoft SAFEQ 6 Server before 6.0.82. When modifying the URL of the LDAP... Moderate Unreviewed
CVE-2023-35833 was published Jul 13, 2023
Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains a cleartext transmission of... High Unreviewed
CVE-2024-25960 was published Mar 28, 2024
A cleartext transmission of sensitive information vulnerability exists in curl <v7.88.0 that... Moderate Unreviewed
CVE-2023-23915 was published Feb 23, 2023
A vulnerability exists in curl <7.87.0 HSTS check that could be bypassed to trick it to keep... High Unreviewed
CVE-2022-43551 was published Dec 23, 2022
When curl is instructed to get content using the metalink feature, and a user name and password... Moderate Unreviewed
CVE-2021-22923 was published May 24, 2022
The affected product is vulnerable to a cleartext transmission of sensitive information... High Unreviewed
CVE-2024-0860 was published Mar 14, 2024
An unauthenticated remote attacker can influence the communication due to the lack of encryption... High Unreviewed
CVE-2024-26288 was published Mar 12, 2024
mysql-gui-tools (mysql-query-browser and mysql-admin) before 5.0r14+openSUSE-2.3 exposes the... Moderate Unreviewed
CVE-2010-4177 was published Apr 21, 2022
Cleartext Transmission of Sensitive Information in Apache nifi High
CVE-2018-17195 was published for org.apache.nifi:nifi (Maven) Dec 20, 2018
MarkLee131
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database