GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,233
Erlang
31
GitHub Actions
20
Go
1,992
Maven
5,000+
npm
3,709
NuGet
661
pip
3,346
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
233 advisories
Filter by severity
An attacker with access to the network where the affected devices are located could...
Moderate
Unreviewed
CVE-2023-40544
was published
Feb 7, 2024
IBM PowerSC 1.3, 2.0, and 2.1 MFA does not implement the "HTTP Strict Transport Security" (HSTS)...
Moderate
Unreviewed
CVE-2023-50962
was published
Feb 2, 2024
Cleartext Transmission issue in ROS2 (Robot Operating System 2) Foxy Fitzroy, with ROS_VERSION=2...
Moderate
Unreviewed
CVE-2023-51201
was published
Jan 24, 2024
Cleartext Transmission during initial setup in Shelly TRV 20220811-15234 v.2.1.8 allows a local...
Moderate
Unreviewed
CVE-2023-42144
was published
Jan 23, 2024
Meross MSH30Q 4.5.23 is vulnerable to Cleartext Transmission of Sensitive Information. During the...
Moderate
Unreviewed
CVE-2023-46889
was published
Jan 23, 2024
The POPS! Rebel application 5.0 for Android, in POPS! Rebel Bluetooth Glucose Monitoring System,...
Moderate
Unreviewed
CVE-2023-46447
was published
Jan 20, 2024
A vulnerability has been identified in OnCell G3150A-LTE Series firmware versions v1.3 and prior...
Moderate
Unreviewed
CVE-2023-6094
was published
Dec 31, 2023
Incorrect access control in TP-Link Tapo before v3.1.315 allows attackers to access user...
Moderate
Unreviewed
CVE-2023-34829
was published
Dec 28, 2023
An attacker with network access could perform a man-in-the-middle (MitM) attack and capture...
Moderate
Unreviewed
CVE-2023-50703
was published
Dec 20, 2023
On affected platforms running Arista MOS, the configuration of a BGP password will cause the...
Moderate
Unreviewed
CVE-2023-24547
was published
Dec 6, 2023
Improper usage of insecure protocol (i.e. HTTP) in SogouSDK of Chinese Samsung Keyboard prior to...
Moderate
Unreviewed
CVE-2023-42579
was published
Dec 5, 2023
The affected product is vulnerable to a cleartext transmission of sensitive...
Moderate
Unreviewed
CVE-2023-41088
was published
Oct 19, 2023
Cleartext Transmission of Sensitive Information in RDT400 in SICK APU allows an
unprivileged...
Moderate
Unreviewed
CVE-2023-5100
was published
Oct 9, 2023
A cleartext transmission of sensitive information vulnerability has been reported to affect QVPN...
Moderate
Unreviewed
CVE-2023-23371
was published
Oct 6, 2023
** UNSUPPPORTED WHEN ASSIGNED ** The lack of web request control on ekorCCP and ekorRCI devices...
Moderate
Unreviewed
CVE-2022-47560
was published
Sep 20, 2023
IBM Aspera Faspex 5.0.5 transmits sensitive information in cleartext which could be obtained by...
Moderate
Unreviewed
CVE-2023-22870
was published
Sep 5, 2023
ArcGIS Enterprise Server versions 11.0 and below have an information disclosure...
Moderate
Unreviewed
CVE-2023-25848
was published
Aug 25, 2023
A cleartext transmission of sensitive information vulnerability has been reported to affect QNAP...
Moderate
Unreviewed
CVE-2023-34972
was published
Aug 24, 2023
An issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client...
Moderate
Unreviewed
CVE-2023-36671
was published
Aug 10, 2023
An issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client...
Moderate
Unreviewed
CVE-2023-36672
was published
Aug 10, 2023
An issue was discovered in YSoft SAFEQ 6 Server before 6.0.82. When modifying the URL of the LDAP...
Moderate
Unreviewed
CVE-2023-35833
was published
Jul 13, 2023
ASUS Router RT-AX3000 Firmware versions prior to 3.0.0.4.388.23403 uses sensitive cookies without...
Moderate
Unreviewed
CVE-2023-31195
was published
Jun 13, 2023
A cleartext transmission of sensitive information vulnerability [CWE-319] in Fortinet FortiOS...
Moderate
Unreviewed
CVE-2022-41327
was published
Jun 13, 2023
IBM Maximo Application Suite - Manage Component 8.8.0 and 8.9.0 transmits sensitive information...
Moderate
Unreviewed
CVE-2023-27861
was published
Jun 5, 2023
Cleartext Transmission of Sensitive Information vulnerability in ABB Terra AC wallbox (UL40/80A),...
Moderate
Unreviewed
CVE-2023-0864
was published
May 17, 2023
ProTip!
Advisories are also available from the
GraphQL API