GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
311 advisories
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3)....
Critical · Unreviewed · CVE-2020-25228 was published May 24, 2022

A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on...
Critical · Unreviewed · CVE-2020-7540 was published May 24, 2022

The official Crux Linux Docker images 3.0 through 3.4 contain a blank password for a root user....
Critical · Unreviewed · CVE-2020-29389 was published May 24, 2022

A CWE-284: Improper Access Control vulnerability exists in Easergy T300 (with firmware 2.7 and...
Critical · Unreviewed · CVE-2020-7561 was published May 24, 2022

A vulnerability in the REST API of Cisco IoT Field Network Director (FND) could allow an...
Critical · Unreviewed · CVE-2020-3531 was published May 24, 2022

Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT...
Critical · Unreviewed · CVE-2020-12500 was published May 24, 2022

An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders...
Critical · Unreviewed · CVE-2020-24217 was published May 24, 2022

Improper Authentication vulnerability in WAGO 750-8XX series with FW version <= FW07 allows an...
Critical · Unreviewed · CVE-2020-12505 was published May 24, 2022

Improper Authentication vulnerability in WAGO 750-8XX series with FW version <= FW03 allows an...
Critical · Unreviewed · CVE-2020-12506 was published May 24, 2022

Lack of access control in Nakivo Backup & Replication Transporter version 9.4.0.r43656 allows...
Critical · Unreviewed · CVE-2020-15851 was published May 24, 2022

It is possible to enumerate access card credentials via an unauthenticated network connection to...
Critical · Unreviewed · CVE-2020-16098 was published May 24, 2022

The ClearPass Policy Manager web interface is affected by a vulnerability that leads to...
Critical · Unreviewed · CVE-2020-7115 was published May 24, 2022

SAP Solution Manager (User Experience Monitoring), version- 7.2, due to Missing Authentication...
Critical · Unreviewed · CVE-2020-6207 was published May 24, 2022

SAP Solution Manager (Diagnostics Agent), version 720, allows unencrypted connections from...
Critical · Unreviewed · CVE-2020-6198 was published May 24, 2022

A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR...
Critical · Unreviewed · CVE-2019-18339 was published May 24, 2022

Computing For Good's Basic Laboratory Information System (also known as C4G BLIS) version 3.5 and...
Critical · Unreviewed · CVE-2019-5644 was published May 24, 2022

In Progress MOVEit Transfer 11.1 before 11.1.3, a vulnerability has been found that could allow...
Critical · Unreviewed · CVE-2019-18465 was published May 24, 2022

Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. There is an unsecured function that allows...
Critical · Unreviewed · CVE-2019-13547 was published May 24, 2022

HiNet GPON firmware version < I040GWR190731 allows an attacker login to device without any...
Critical · Unreviewed · CVE-2019-15064 was published May 24, 2022

Victure PC530 devices allow unauthenticated TELNET access as root.
Critical · Unreviewed · CVE-2019-15940 was published May 24, 2022

eQ-3 Homematic CCU2 before 2.47.18 and CCU3 before 3.47.18 allow Remote Code Execution by...
Critical · Unreviewed · CVE-2019-16199 was published May 24, 2022

eQ-3 Homematic CCU2 prior to 2.47.10 and CCU3 prior to 3.47.10 JSON API has Improper Access...
Critical · Unreviewed · CVE-2019-9585 was published May 24, 2022

An issue was discovered on D-Link DIR-600M 3.02, 3.03, 3.04, and 3.06 devices. wan.htm can be...
Critical · Unreviewed · CVE-2019-13101 was published May 24, 2022

A vulnerability in the Virtual Network Computing (VNC) console implementation of Cisco Enterprise...
Critical · Unreviewed · CVE-2019-1895 was published May 24, 2022

Directus 7 API before 2.2.2 has insufficient anti-automation, as demonstrated by lack of a...
Critical · Unreviewed · CVE-2019-13983 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.