GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,827
Composer 4,869
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,924
npm 4,122
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,020
Swift 39

Unreviewed advisories

All unreviewed 269,133

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

631 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Cleartext transmission of sensitive information in Agora Video SDK prior to 3.1 allows a remote... Moderate Unreviewed

CVE-2020-25605 was published May 24, 2022

A CWE-319: Cleartext transmission of sensitive information vulnerability exists in PowerLogic... High Unreviewed

CVE-2021-22703 was published May 24, 2022

IBM Security Identity Governance and Intelligence 5.2.6 could allow a remote attacker to obtain... Moderate Unreviewed

CVE-2020-4969 was published May 24, 2022

The affected Reolink P2P products do not sufficiently protect data transferred between the local... High Unreviewed

CVE-2020-25169 was published May 24, 2022

Cleartext transmission of sensitive information vulnerability in synorelayd in Synology... Moderate Unreviewed

CVE-2021-26564 was published May 24, 2022

Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0... Critical Unreviewed

CVE-2022-34371 was published Sep 3, 2022

In the management interface on TP-Link Archer C5v 1.7_181221 devices, credentials are sent in a... High Unreviewed

CVE-2021-27209 was published May 24, 2022

BigFix Inventory up to v10.0.2 does not set the secure flag for the session cookie in an https... Moderate Unreviewed

CVE-2020-14248 was published May 24, 2022

In JetBrains IntelliJ IDEA before 2022.3.1 the "Validate JSP File" action used the HTTP protocol... High Unreviewed

CVE-2022-47895 was published Dec 22, 2022

A CWE-319: Cleartext transmission of sensitive information vulnerability exists in PowerLogic... High Unreviewed

CVE-2021-22702 was published May 24, 2022

Cleartext transmission of sensitive information vulnerability in synoagentregisterd in Synology... Moderate Unreviewed

CVE-2021-26560 was published May 24, 2022

An internal product security audit of LXCO, prior to version 1.2.2, discovered that optional... Moderate Unreviewed

CVE-2020-8356 was published May 24, 2022

An internal product security audit of LXCO, prior to version 1.2.2, discovered that credentials... Moderate Unreviewed

CVE-2021-3417 was published May 24, 2022

IBM Emptoris Strategic Supply Management 10.1.0, 10.1.1, and 10.1.3 transmits sensitive... Moderate Unreviewed

CVE-2020-4893 was published May 24, 2022

In Fibaro Home Center 2 and Lite devices in all versions provide a web based management interface... High Unreviewed

CVE-2021-20992 was published May 24, 2022

A smart proxy that provides a restful API to various sub-systems of the Foreman is affected by... Moderate Unreviewed

CVE-2021-3494 was published May 24, 2022

Cleartext transmission of sensitive information in Netop Vision Pro up to and including 9.7.1... High Unreviewed

CVE-2021-27194 was published May 24, 2022

An issue was discovered in Couchbase Server 5.x and 6.x before 6.5.2 and 6.6.x before 6.6.2.... Moderate Unreviewed

CVE-2021-25643 was published May 24, 2022

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected... High Unreviewed

CVE-2021-27251 was published May 24, 2022

There is an Information Disclosure vulnerability in Huawei Smartphone. Successful exploitation of... Moderate Unreviewed

CVE-2021-22325 was published May 24, 2022

An internal product security audit of Lenovo XClarity Administrator (LXCA) prior to version 3.1.0... Moderate Unreviewed

CVE-2020-8355 was published May 24, 2022

GAEN (aka Google/Apple Exposure Notifications) through 2021-04-27 on Android allows attackers to... Low Unreviewed

CVE-2021-31815 was published May 24, 2022

The VeryFitPro (com.veryfit2hr.second) application 3.2.8 for Android does all communication with... High Unreviewed

CVE-2021-32612 was published May 24, 2022

Agenzia delle Entrate Desktop Telematico 1.0.0 contacts the jws.agenziaentrate.it server over... Moderate Unreviewed

CVE-2021-3003 was published May 24, 2022

Cleartext transmission of sensitive information via Moxa Service in NPort IA5000A series serial... High Unreviewed

CVE-2020-27185 was published May 24, 2022

Previous 1…5…26 Next

Previous 1 2 3 4 5 6 7 … 25 26 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

631 advisories