Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,154
NuGet
736
pip
3,953
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

634 advisories

Loading
A key length vulnerability in the implementation of the SRTP 128-bit key on Mitel 6800 and 6900... Moderate Unreviewed
CVE-2019-18863 was published May 24, 2022
Jenkins S3 Publisher Plugin transmits credentials in plain text during configuration Low
CVE-2020-2114 was published for org.jenkins-ci.plugins:s3 (Maven) May 24, 2022
NotMyFault
The Global TV application 2.3.2 for Android and 4.7.5 for iOS sends Unencrypted Analytics. Moderate Unreviewed
CVE-2020-8506 was published May 24, 2022
The Citytv Video application 4.08.0 for Android and 3.35 for iOS sends Unencrypted Analytics. Moderate Unreviewed
CVE-2020-8507 was published May 24, 2022
The Administration page on Connect Box EuroDOCSIS 3.0 Voice Gateway CH7465LG-NCIP-6.12.18.25-2p6... High Unreviewed
CVE-2019-19967 was published May 24, 2022
Some analytics data was sent using HTTP rather than HTTPS. This was addressed by no longer... Moderate Unreviewed
CVE-2019-8632 was published May 24, 2022
An issue was discovered on Humax Wireless Voice Gateway HGB10R-2 20160817_1855 devices. Admin... Moderate Unreviewed
CVE-2019-19890 was published May 24, 2022
An issue was discovered on Humax Wireless Voice Gateway HGB10R-2 20160817_1855 devices. The... Moderate Unreviewed
CVE-2019-19889 was published May 24, 2022
Jenkins SCTMExecutor Plugin stores credentials in plain text Moderate
CVE-2019-16568 was published for hudson.plugins.sctmexecutor:SCTMExecutor (Maven) May 24, 2022
A vulnerability has been identified in SPPA-T3000 Application Server (All versions). The RMI... Moderate Unreviewed
CVE-2019-18285 was published May 24, 2022
An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build... Moderate Unreviewed
CVE-2019-16674 was published May 24, 2022
An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build... Moderate Unreviewed
CVE-2019-16672 was published May 24, 2022
Jenkins QMetry for JIRA Plugin shows plain text password in configuration form Low
CVE-2019-16545 was published for org.jenkins-ci.plugins:qmetry-for-jira-test-management (Maven) May 24, 2022
A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists in Modicon M580,... High Unreviewed
CVE-2019-6845 was published May 24, 2022
A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists in Modicon M580,... Moderate Unreviewed
CVE-2019-6846 was published May 24, 2022
Stephan Mooltipass Moolticute through 0.42.1 (and possibly earlier versions) has Incorrect Access... Moderate Unreviewed
CVE-2019-12967 was published May 24, 2022
The Customer's Tomedo Server in Version 1.7.3 communicates to the Vendor Tomedo Server via HTTP ... Critical Unreviewed
CVE-2019-17393 was published May 24, 2022
The Deep Security Manager application (Versions 10.0, 11.0 and 12.0), when configured in a... High Unreviewed
CVE-2019-15626 was published May 24, 2022
The web application portal of the Cobham EXPLORER 710, firmware version 1.07, sends the login... High Unreviewed
CVE-2019-9532 was published May 24, 2022
An issue was discovered in the RENPHO application 3.0.0 for iOS. It transmits JSON data... Moderate Unreviewed
CVE-2019-14808 was published May 24, 2022
On EX4600, QFX5100 Series, NFX Series, QFX10K Series, QFX5110, QFX5200 Series, QFX5110, QFX5200,... Low Unreviewed
CVE-2019-0069 was published May 24, 2022
JetBrains Toolbox before 1.15.5605 was resolving an internal URL via a cleartext http connection. Moderate Unreviewed
CVE-2019-14959 was published May 24, 2022
Jenkins SourceGear Vault plugin transmits credentials in plain text High
CVE-2019-10435 was published for org.jenkins-ci.plugins:vault-scm-plugin (Maven) May 24, 2022
Cleartext Transmission of Sensitive Information in Apache MINA High
CVE-2019-0231 was published for org.apache.mina:mina-core (Maven) May 24, 2022
IBM Sterling File Gateway 2.2.0.0 through 6.0.1.0 displays sensitive information in HTTP requests... Moderate Unreviewed
CVE-2019-4280 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database