GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,133
Erlang: 29
GitHub Actions: 19
Go: 1,940
Maven: 5,000+
npm: 3,677
NuGet: 645
pip: 3,295
Pub: 11
RubyGems: 877
Rust: 830
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
335 advisories
IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 uses an inadequate account lockout setting that could...
Moderate
Unreviewed
CVE-2020-4400 was published May 24, 2022
Liferay Portal before 7.3.0, and Liferay DXP 7.0 before fix pack 89, 7.1 before fix pack 17, and...
Moderate
Unreviewed
CVE-2020-15841 was published May 24, 2022
A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an authenticated,...
Moderate
Unreviewed
CVE-2020-3391 was published May 24, 2022
Amazon EKS credentials disclosure in GitLab CE/EE 12.6 and later through 13.0.1 allows other...
Moderate
Unreviewed
CVE-2020-13261 was published May 24, 2022
In Octopus Deploy 2018.8.0 through 2019.x before 2019.12.2, an authenticated user with could...
Moderate
Unreviewed
CVE-2020-14470 was published May 24, 2022
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects...
Moderate
Unreviewed
CVE-2020-14429 was published May 24, 2022
A vulnerability based on insecure user/password encryption in the JOE (job editor) component of...
Moderate
Unreviewed
CVE-2020-12712 was published May 24, 2022
A security feature bypass vulnerability exists when Windows Host Guardian Service improperly...
Moderate
Unreviewed
CVE-2020-1259 was published May 24, 2022
An issue was discovered on Samsung mobile devices with O(8.x) (with TEEGRIS) software. The...
Moderate
Unreviewed
CVE-2020-13835 was published May 24, 2022
An issue was discovered in Foxit PhantomPDF before 8.3.10. It has mishandling of cloud...
Moderate
Unreviewed
CVE-2019-20833 was published May 24, 2022
IBM Security Identity Governance and Intelligence 5.2.6 could allow an attacker to enumerate...
Moderate
Unreviewed
CVE-2020-4232 was published May 24, 2022
An issue was discovered in Aviatrix Controller before 5.4.1204. It contains credentials unused by...
Moderate
Unreviewed
CVE-2020-13414 was published May 24, 2022
Zoho ManageEngine Service Plus before 11.1 build 11112 allows low-privilege authenticated users...
Moderate
Unreviewed
CVE-2020-13154 was published May 24, 2022
An issue was discovered in all versions of Bond JetSelect. Within the JetSelect Application, the...
Moderate
Unreviewed
CVE-2019-13023 was published May 24, 2022
The administrative passwords for all versions of Bond JetSelect are stored within an unprotected...
Moderate
Unreviewed
CVE-2019-13021 was published May 24, 2022
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (with TEEGRIS) software...
Moderate
Unreviewed
CVE-2020-12752 was published May 24, 2022
An issue was discovered on Wavlink WL-WN579G3 - M79X3.V5030.180719 and WL-WN575A3 - RPT75A3.V4300...
Moderate
Unreviewed
CVE-2020-10974 was published May 24, 2022
An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices. A page is exposed...
Moderate
Unreviewed
CVE-2020-10972 was published May 24, 2022
An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices, affecting /cgi-bin...
Moderate
Unreviewed
CVE-2020-10973 was published May 24, 2022
Blaauw Remote Kiln Control through v3.00r4 allows an unauthenticated attacker to access MySQL...
Moderate
Unreviewed
CVE-2019-18868 was published May 24, 2022
BMC Control-M/Agent 7.0.00.000 has Insecure Password Storage.
Moderate
Unreviewed
CVE-2019-19218 was published May 24, 2022
In TestLink 1.9.20, a crafted login.php viewer parameter exposes cleartext credentials.
Moderate
Unreviewed
CVE-2020-12273 was published May 24, 2022
An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. A cfm UDP service listening on...
Moderate
Unreviewed
CVE-2020-9275 was published May 24, 2022
In IQrouter through 3.3.1, the Lua function diag_set_password in the web-panel allows remote...
Moderate
Unreviewed
CVE-2020-11964 was published May 24, 2022
In JetBrains PyCharm 2019.2.5 and 2019.3 on Windows, Apple Notarization Service credentials were...
Moderate
Unreviewed
CVE-2020-11694 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.