Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

212 advisories

Loading
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected... High Unreviewed
CVE-2021-27251 was published May 24, 2022
Cleartext transmission of sensitive information in Netop Vision Pro up to and including 9.7.1... High Unreviewed
CVE-2021-27194 was published May 24, 2022
In Fibaro Home Center 2 and Lite devices in all versions provide a web based management interface... High Unreviewed
CVE-2021-20992 was published May 24, 2022
A CWE-319: Cleartext transmission of sensitive information vulnerability exists in PowerLogic... High Unreviewed
CVE-2021-22702 was published May 24, 2022
In JetBrains IntelliJ IDEA before 2022.3.1 the "Validate JSP File" action used the HTTP protocol... High Unreviewed
CVE-2022-47895 was published Dec 22, 2022
In the management interface on TP-Link Archer C5v 1.7_181221 devices, credentials are sent in a... High Unreviewed
CVE-2021-27209 was published May 24, 2022
The affected Reolink P2P products do not sufficiently protect data transferred between the local... High Unreviewed
CVE-2020-25169 was published May 24, 2022
A CWE-319: Cleartext transmission of sensitive information vulnerability exists in PowerLogic... High Unreviewed
CVE-2021-22703 was published May 24, 2022
A cleartext transmission of sensitive information vulnerability has been reported to affect... High Unreviewed
CVE-2018-19944 was published May 24, 2022
An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and below. Its... High Unreviewed
CVE-2020-11718 was published May 24, 2022
Cleartext Transmission of Sensitive Information vulnerability in BASETech GE-131 BT-1837836... High Unreviewed
CVE-2020-27554 was published May 24, 2022
The affected product transmits unencrypted sensitive information, which may allow an attacker to... High Unreviewed
CVE-2020-25155 was published May 24, 2022
A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve... High Unreviewed
CVE-2020-25645 was published May 24, 2022
A user running a quick search on a highly forwarded message on WhatsApp for Android from v2.20... High Unreviewed
CVE-2020-1902 was published May 24, 2022
A vulnerability has been identified in Climatix POL909 (AWM module) (All versions < V11.34). The... High Unreviewed
CVE-2021-40366 was published May 24, 2022
GE UR firmware versions prior to version 8.1x web server interface is supported on UR over HTTP... High Unreviewed
CVE-2021-27422 was published Mar 24, 2022
A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists in Modicon M580,... High Unreviewed
CVE-2019-6845 was published May 24, 2022
Cleartext transmission of sensitive information. The following products are affected: Acronis... High Unreviewed
CVE-2022-30993 was published May 19, 2022
Cleartext transmission of sensitive information. The following products are affected: Acronis... High Unreviewed
CVE-2022-30994 was published May 19, 2022
A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P850 (All... High Unreviewed
CVE-2022-29874 was published May 21, 2022
UPSMON PRO transmits sensitive data in cleartext over HTTP protocol. An unauthenticated remote... High Unreviewed
CVE-2022-38122 was published Nov 10, 2022
Omron CS series, CJ series, and CP series PLCs through 2022-05-18 use cleartext passwords. They... High Unreviewed
CVE-2022-31204 was published Jul 27, 2022
** DISPUTED ** A vulnerability was found in whohas. It has been rated as problematic. This issue... High Unreviewed
CVE-2021-4258 was published Dec 19, 2022
Any attempt (good or bad) to log into AutomationDirect Stride Field I/O with a web browser may... High Unreviewed
CVE-2022-2485 was published Sep 1, 2022
AutomationDirect C-more EA9 HTTP webserver uses an insecure mechanism to transport credentials... High Unreviewed
CVE-2022-2005 was published Sep 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database