Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

549 advisories

Loading
A CWE-319: Cleartext transmission of sensitive information vulnerability exists in PowerLogic... High Unreviewed
CVE-2021-22702 was published May 24, 2022
Cleartext transmission of sensitive information in Agora Video SDK prior to 3.1 allows a remote... Moderate Unreviewed
CVE-2020-25605 was published May 24, 2022
In the management interface on TP-Link Archer C5v 1.7_181221 devices, credentials are sent in a... High Unreviewed
CVE-2021-27209 was published May 24, 2022
IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a remote attacker to obtain... High Unreviewed
CVE-2021-20409 was published May 24, 2022
For MongoDB Ops Manager 4.2.X with multiple OM application servers, that have SSL turned on for... Moderate Unreviewed
CVE-2021-20335 was published May 24, 2022
An internal product security audit of Lenovo XClarity Administrator (LXCA) prior to version 3.1.0... Moderate Unreviewed
CVE-2020-8355 was published May 24, 2022
The affected Reolink P2P products do not sufficiently protect data transferred between the local... High Unreviewed
CVE-2020-25169 was published May 24, 2022
IBM Security Identity Governance and Intelligence 5.2.6 could allow a remote attacker to obtain... Moderate Unreviewed
CVE-2020-4969 was published May 24, 2022
IBM Emptoris Strategic Supply Management 10.1.0, 10.1.1, and 10.1.3 transmits sensitive... Moderate Unreviewed
CVE-2020-4893 was published May 24, 2022
IBM API Connect 5.0.0.0 through 5.0.8.10 could potentially leak sensitive information or allow... Critical Unreviewed
CVE-2020-4899 was published May 24, 2022
A cleartext transmission of sensitive information vulnerability has been reported to affect... High Unreviewed
CVE-2018-19944 was published May 24, 2022
The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower stores and... Critical Unreviewed
CVE-2020-25190 was published May 24, 2022
An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and below. Its... High Unreviewed
CVE-2020-11718 was published May 24, 2022
An information disclosure vulnerability exists in the Web Manager and telnet CLI functionality of... Moderate Unreviewed
CVE-2020-13528 was published May 24, 2022
BigFix Inventory up to v10.0.2 does not set the secure flag for the session cookie in an https... Moderate Unreviewed
CVE-2020-14248 was published May 24, 2022
Quick Heal Total Security before version 19.0 transmits quarantine and sysinfo files via clear text. Moderate Unreviewed
CVE-2020-27586 was published May 24, 2022
An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1... Moderate Unreviewed
CVE-2020-29380 was published May 24, 2022
An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P,... Moderate Unreviewed
CVE-2020-29055 was published May 24, 2022
Cleartext Transmission of Sensitive Information vulnerability in BASETech GE-131 BT-1837836... High Unreviewed
CVE-2020-27554 was published May 24, 2022
UPNP Service listening on port 5555 in Genexis Platinum 4410 Router V2.1 has an action ... Moderate Unreviewed
CVE-2020-25988 was published May 24, 2022
Scheduler for TAS prior to version 1.4.0 was permitting plaintext transmission of UAA client... Critical Unreviewed
CVE-2020-5426 was published May 24, 2022
The affected product transmits unencrypted sensitive information, which may allow an attacker to... High Unreviewed
CVE-2020-25155 was published May 24, 2022
Cleartext transmission of sensitive information vulnerability in DDNS in Synology Router Manager ... Moderate Unreviewed
CVE-2020-27657 was published May 24, 2022
Cleartext transmission of sensitive information vulnerability in DDNS in Synology DiskStation... Moderate Unreviewed
CVE-2020-27656 was published May 24, 2022
A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve... High Unreviewed
CVE-2020-25645 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database