Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

335 advisories

Loading
IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 uses an inadequate account lockout setting that could... Moderate Unreviewed
CVE-2020-4400 was published May 24, 2022
Liferay Portal before 7.3.0, and Liferay DXP 7.0 before fix pack 89, 7.1 before fix pack 17, and... Moderate Unreviewed
CVE-2020-15841 was published May 24, 2022
A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an authenticated,... Moderate Unreviewed
CVE-2020-3391 was published May 24, 2022
Amazon EKS credentials disclosure in GitLab CE/EE 12.6 and later through 13.0.1 allows other... Moderate Unreviewed
CVE-2020-13261 was published May 24, 2022
In Octopus Deploy 2018.8.0 through 2019.x before 2019.12.2, an authenticated user with could... Moderate Unreviewed
CVE-2020-14470 was published May 24, 2022
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects... Moderate Unreviewed
CVE-2020-14429 was published May 24, 2022
A vulnerability based on insecure user/password encryption in the JOE (job editor) component of... Moderate Unreviewed
CVE-2020-12712 was published May 24, 2022
A security feature bypass vulnerability exists when Windows Host Guardian Service improperly... Moderate Unreviewed
CVE-2020-1259 was published May 24, 2022
An issue was discovered on Samsung mobile devices with O(8.x) (with TEEGRIS) software. The... Moderate Unreviewed
CVE-2020-13835 was published May 24, 2022
An issue was discovered in Foxit PhantomPDF before 8.3.10. It has mishandling of cloud... Moderate Unreviewed
CVE-2019-20833 was published May 24, 2022
IBM Security Identity Governance and Intelligence 5.2.6 could allow an attacker to enumerate... Moderate Unreviewed
CVE-2020-4232 was published May 24, 2022
An issue was discovered in Aviatrix Controller before 5.4.1204. It contains credentials unused by... Moderate Unreviewed
CVE-2020-13414 was published May 24, 2022
Zoho ManageEngine Service Plus before 11.1 build 11112 allows low-privilege authenticated users... Moderate Unreviewed
CVE-2020-13154 was published May 24, 2022
An issue was discovered in all versions of Bond JetSelect. Within the JetSelect Application, the... Moderate Unreviewed
CVE-2019-13023 was published May 24, 2022
The administrative passwords for all versions of Bond JetSelect are stored within an unprotected... Moderate Unreviewed
CVE-2019-13021 was published May 24, 2022
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (with TEEGRIS) software... Moderate Unreviewed
CVE-2020-12752 was published May 24, 2022
An issue was discovered on Wavlink WL-WN579G3 - M79X3.V5030.180719 and WL-WN575A3 - RPT75A3.V4300... Moderate Unreviewed
CVE-2020-10974 was published May 24, 2022
An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices. A page is exposed... Moderate Unreviewed
CVE-2020-10972 was published May 24, 2022
An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices, affecting /cgi-bin... Moderate Unreviewed
CVE-2020-10973 was published May 24, 2022
Blaauw Remote Kiln Control through v3.00r4 allows an unauthenticated attacker to access MySQL... Moderate Unreviewed
CVE-2019-18868 was published May 24, 2022
BMC Control-M/Agent 7.0.00.000 has Insecure Password Storage. Moderate Unreviewed
CVE-2019-19218 was published May 24, 2022
In TestLink 1.9.20, a crafted login.php viewer parameter exposes cleartext credentials. Moderate Unreviewed
CVE-2020-12273 was published May 24, 2022
An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. A cfm UDP service listening on... Moderate Unreviewed
CVE-2020-9275 was published May 24, 2022
In IQrouter through 3.3.1, the Lua function diag_set_password in the web-panel allows remote... Moderate Unreviewed
CVE-2020-11964 was published May 24, 2022
In JetBrains PyCharm 2019.2.5 and 2019.3 on Windows, Apple Notarization Service credentials were... Moderate Unreviewed
CVE-2020-11694 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database