Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,090
Erlang
29
GitHub Actions
19
Go
1,916
Maven
5,000+
npm
3,646
NuGet
638
pip
3,263
Pub
10
RubyGems
870
Rust
822
Swift
35
Unreviewed advisories
All unreviewed
5,000+

256 advisories

Loading
Encrypted S/MIME parts in a crafted multipart/alternative message can leak plaintext when... Moderate Unreviewed
CVE-2019-11739 was published May 24, 2022
IBM Sterling File Gateway 2.2.0.0 through 6.0.1.0 displays sensitive information in HTTP requests... Moderate Unreviewed
CVE-2019-4280 was published May 24, 2022
JetBrains Toolbox before 1.15.5605 was resolving an internal URL via a cleartext http connection. Moderate Unreviewed
CVE-2019-14959 was published May 24, 2022
An issue was discovered in the RENPHO application 3.0.0 for iOS. It transmits JSON data... Moderate Unreviewed
CVE-2019-14808 was published May 24, 2022
Stephan Mooltipass Moolticute through 0.42.1 (and possibly earlier versions) has Incorrect Access... Moderate Unreviewed
CVE-2019-12967 was published May 24, 2022
A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists in Modicon M580,... Moderate Unreviewed
CVE-2019-6846 was published May 24, 2022
An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build... Moderate Unreviewed
CVE-2019-16672 was published May 24, 2022
An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build... Moderate Unreviewed
CVE-2019-16674 was published May 24, 2022
A vulnerability has been identified in SPPA-T3000 Application Server (All versions). The RMI... Moderate Unreviewed
CVE-2019-18285 was published May 24, 2022
Jenkins SCTMExecutor Plugin stores credentials in plain text Moderate
CVE-2019-16568 was published for hudson.plugins.sctmexecutor:SCTMExecutor (Maven) May 24, 2022
An issue was discovered on Humax Wireless Voice Gateway HGB10R-2 20160817_1855 devices. The... Moderate Unreviewed
CVE-2019-19889 was published May 24, 2022
An issue was discovered on Humax Wireless Voice Gateway HGB10R-2 20160817_1855 devices. Admin... Moderate Unreviewed
CVE-2019-19890 was published May 24, 2022
Some analytics data was sent using HTTP rather than HTTPS. This was addressed by no longer... Moderate Unreviewed
CVE-2019-8632 was published May 24, 2022
The Global TV application 2.3.2 for Android and 4.7.5 for iOS sends Unencrypted Analytics. Moderate Unreviewed
CVE-2020-8506 was published May 24, 2022
The Citytv Video application 4.08.0 for Android and 3.35 for iOS sends Unencrypted Analytics. Moderate Unreviewed
CVE-2020-8507 was published May 24, 2022
A key length vulnerability in the implementation of the SRTP 128-bit key on Mitel 6800 and 6900... Moderate Unreviewed
CVE-2019-18863 was published May 24, 2022
Missing permission checks in Jenkins P4 Plugin Moderate
CVE-2020-2142 was published for org.jenkins-ci.plugins:p4 (Maven) May 24, 2022
NotMyFault
NETSAS Enigma NMS 65.0.0 and prior utilises basic authentication over HTTP for enforcing access... Moderate Unreviewed
CVE-2019-16067 was published May 24, 2022
SAP Business Objects Business Intelligence Platform (CMC), version 4.1, 4.2, shows cleartext... Moderate Unreviewed
CVE-2020-6195 was published May 24, 2022
**VERSION NOT SUPPORTED WHEN ASSIGNED** A vulnerability could cause certain data to be visible on... Moderate Unreviewed
CVE-2020-7483 was published May 24, 2022
A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists which could leak... Moderate Unreviewed
CVE-2020-7488 was published May 24, 2022
In versions prior to 3.3.0, the NGINX Controller Agent installer script 'install.sh' uses HTTP... Moderate Unreviewed
CVE-2020-5867 was published May 24, 2022
In versions prior to 3.3.0, the NGINX Controller is configured to communicate with its Postgres... Moderate Unreviewed
CVE-2020-5865 was published May 24, 2022
Mids' Reborn Hero Designer 2.6.0.7 downloads the update manifest, as well as update files, over... Moderate Unreviewed
CVE-2020-11614 was published May 24, 2022
Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attack via a PREAUTH response. Moderate Unreviewed
CVE-2020-14093 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database