GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,912
Composer 5,067
Erlang 39
GitHub Actions 38
Go 2,717
Maven 6,143
npm 4,328
NuGet 761
pip 4,105
Pub 12
RubyGems 958
Rust 1,065
Swift 45

Unreviewed advisories

All unreviewed 279,126

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

498 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Victure PC530 devices allow unauthenticated TELNET access as root. Critical Unreviewed

CVE-2019-15940 was published May 24, 2022

HiNet GPON firmware version < I040GWR190731 allows an attacker login to device without any... Critical Unreviewed

CVE-2019-15064 was published May 24, 2022

Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. There is an unsecured function that allows... Critical Unreviewed

CVE-2019-13547 was published May 24, 2022

In Progress MOVEit Transfer 11.1 before 11.1.3, a vulnerability has been found that could allow... Critical Unreviewed

CVE-2019-18465 was published May 24, 2022

Computing For Good's Basic Laboratory Information System (also known as C4G BLIS) version 3.5 and... Critical Unreviewed

CVE-2019-5644 was published May 24, 2022

A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR... Critical Unreviewed

CVE-2019-18339 was published May 24, 2022

SAP Solution Manager (Diagnostics Agent), version 720, allows unencrypted connections from... Critical Unreviewed

CVE-2020-6198 was published May 24, 2022

SAP Solution Manager (User Experience Monitoring), version- 7.2, due to Missing Authentication... Critical Unreviewed

CVE-2020-6207 was published May 24, 2022

SaltStack Salt Unauthenticated Remote Code Execution Critical

CVE-2020-11651 was published for salt (pip) May 24, 2022

The ClearPass Policy Manager web interface is affected by a vulnerability that leads to... Critical Unreviewed

CVE-2020-7115 was published May 24, 2022

DevSpace vulnerable to remote code execution Critical

CVE-2020-15391 was published for github.com/loft-sh/devspace (Go) May 24, 2022

It is possible to enumerate access card credentials via an unauthenticated network connection to... Critical Unreviewed

CVE-2020-16098 was published May 24, 2022

Lack of access control in Nakivo Backup & Replication Transporter version 9.4.0.r43656 allows... Critical Unreviewed

CVE-2020-15851 was published May 24, 2022

Improper Authentication vulnerability in WAGO 750-8XX series with FW version <= FW03 allows an... Critical Unreviewed

CVE-2020-12506 was published May 24, 2022

Improper Authentication vulnerability in WAGO 750-8XX series with FW version <= FW07 allows an... Critical Unreviewed

CVE-2020-12505 was published May 24, 2022

An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders... Critical Unreviewed

CVE-2020-24217 was published May 24, 2022

Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT... Critical Unreviewed

CVE-2020-12500 was published May 24, 2022

A vulnerability in the REST API of Cisco IoT Field Network Director (FND) could allow an... Critical Unreviewed

CVE-2020-3531 was published May 24, 2022

A CWE-284: Improper Access Control vulnerability exists in Easergy T300 (with firmware 2.7 and... Critical Unreviewed

CVE-2020-7561 was published May 24, 2022

The official Crux Linux Docker images 3.0 through 3.4 contain a blank password for a root user.... Critical Unreviewed

CVE-2020-29389 was published May 24, 2022

A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on... Critical Unreviewed

CVE-2020-7540 was published May 24, 2022

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3).... Critical Unreviewed

CVE-2020-25228 was published May 24, 2022

The official sonarqube docker images before alpine (Alpine specific) contain a blank password for... Critical Unreviewed

CVE-2020-35193 was published May 24, 2022

The Blackfire Docker image through 2020-12-14 contains a blank password for the root user.... Critical Unreviewed

CVE-2020-35466 was published May 24, 2022

Version 3.16.0 of the CoScale agent Docker image contains a blank password for the root user.... Critical Unreviewed

CVE-2020-35462 was published May 24, 2022

Previous 1…5…20 Next

Previous 1 2 3 4 5 6 7 … 19 20 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

498 advisories