GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,573

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

232 advisories

Filter by severity

Sort by

Least recently updated

IBM PowerSC 1.3, 2.0, and 2.1 MFA does not implement the "HTTP Strict Transport Security" (HSTS)... Moderate Unreviewed

CVE-2023-50962 was published Feb 2, 2024

Cleartext Transmission issue in ROS2 (Robot Operating System 2) Foxy Fitzroy, with ROS_VERSION=2... Moderate Unreviewed

CVE-2023-51201 was published Jan 24, 2024

Meross MSH30Q 4.5.23 is vulnerable to Cleartext Transmission of Sensitive Information. During the... Moderate Unreviewed

CVE-2023-46889 was published Jan 23, 2024

Cleartext Transmission during initial setup in Shelly TRV 20220811-15234 v.2.1.8 allows a local... Moderate Unreviewed

CVE-2023-42144 was published Jan 23, 2024

The POPS! Rebel application 5.0 for Android, in POPS! Rebel Bluetooth Glucose Monitoring System,... Moderate Unreviewed

CVE-2023-46447 was published Jan 20, 2024

A vulnerability has been identified in OnCell G3150A-LTE Series firmware versions v1.3 and prior... Moderate Unreviewed

CVE-2023-6094 was published Dec 31, 2023

Incorrect access control in TP-Link Tapo before v3.1.315 allows attackers to access user... Moderate Unreviewed

CVE-2023-34829 was published Dec 28, 2023

An attacker with network access could perform a man-in-the-middle (MitM) attack and capture... Moderate Unreviewed

CVE-2023-50703 was published Dec 20, 2023

On affected platforms running Arista MOS, the configuration of a BGP password will cause the... Moderate Unreviewed

CVE-2023-24547 was published Dec 6, 2023

Improper usage of insecure protocol (i.e. HTTP) in SogouSDK of Chinese Samsung Keyboard prior to... Moderate Unreviewed

CVE-2023-42579 was published Dec 5, 2023

The affected product is vulnerable to a cleartext transmission of sensitive... Moderate Unreviewed

CVE-2023-41088 was published Oct 19, 2023

Cleartext Transmission of Sensitive Information in RDT400 in SICK APU allows an unprivileged... Moderate Unreviewed

CVE-2023-5100 was published Oct 9, 2023

A cleartext transmission of sensitive information vulnerability has been reported to affect QVPN... Moderate Unreviewed

CVE-2023-23371 was published Oct 6, 2023

** UNSUPPPORTED WHEN ASSIGNED ** The lack of web request control on ekorCCP and ekorRCI devices... Moderate Unreviewed

CVE-2022-47560 was published Sep 20, 2023

IBM Aspera Faspex 5.0.5 transmits sensitive information in cleartext which could be obtained by... Moderate Unreviewed

CVE-2023-22870 was published Sep 5, 2023

ArcGIS Enterprise Server versions 11.0 and below have an information disclosure... Moderate Unreviewed

CVE-2023-25848 was published Aug 25, 2023

A cleartext transmission of sensitive information vulnerability has been reported to affect QNAP... Moderate Unreviewed

CVE-2023-34972 was published Aug 24, 2023

An issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client... Moderate Unreviewed

CVE-2023-36671 was published Aug 10, 2023

An issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client... Moderate Unreviewed

CVE-2023-36672 was published Aug 10, 2023

An issue was discovered in YSoft SAFEQ 6 Server before 6.0.82. When modifying the URL of the LDAP... Moderate Unreviewed

CVE-2023-35833 was published Jul 13, 2023

ASUS Router RT-AX3000 Firmware versions prior to 3.0.0.4.388.23403 uses sensitive cookies without... Moderate Unreviewed

CVE-2023-31195 was published Jun 13, 2023

A cleartext transmission of sensitive information vulnerability [CWE-319] in Fortinet FortiOS... Moderate Unreviewed

CVE-2022-41327 was published Jun 13, 2023

IBM Maximo Application Suite - Manage Component 8.8.0 and 8.9.0 transmits sensitive information... Moderate Unreviewed

CVE-2023-27861 was published Jun 5, 2023

Cleartext Transmission of Sensitive Information vulnerability in ABB Terra AC wallbox (UL40/80A),... Moderate Unreviewed

CVE-2023-0864 was published May 17, 2023

Cleartext transmission of sensitive information exists in SkyBridge MB-A100/110 firmware Ver. 4.2... Moderate Unreviewed

CVE-2023-25070 was published May 10, 2023

Previous 1 2 3 4 5 … 9 10 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

232 advisories