GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
448 advisories
Filter by severity
BMC Control-M/Agent 7.0.00.000 has Insecure Password Storage.
Moderate
Unreviewed
CVE-2019-19218
was published
May 24, 2022
IBM Security Identity Governance and Intelligence 5.2.6 could allow an attacker to enumerate...
Moderate
Unreviewed
CVE-2020-4232
was published
May 24, 2022
An issue was discovered in Aviatrix Controller before 5.4.1204. It contains credentials unused by...
Moderate
Unreviewed
CVE-2020-13414
was published
May 24, 2022
Zoho ManageEngine Service Plus before 11.1 build 11112 allows low-privilege authenticated users...
Moderate
Unreviewed
CVE-2020-13154
was published
May 24, 2022
An issue was discovered in all versions of Bond JetSelect. Within the JetSelect Application, the...
Moderate
Unreviewed
CVE-2019-13023
was published
May 24, 2022
An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices, affecting /cgi-bin...
Moderate
Unreviewed
CVE-2020-10973
was published
May 24, 2022
An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices. A page is exposed...
Moderate
Unreviewed
CVE-2020-10972
was published
May 24, 2022
Blaauw Remote Kiln Control through v3.00r4 allows an unauthenticated attacker to access MySQL...
Moderate
Unreviewed
CVE-2019-18868
was published
May 24, 2022
The administrative passwords for all versions of Bond JetSelect are stored within an unprotected...
Moderate
Unreviewed
CVE-2019-13021
was published
May 24, 2022
In TestLink 1.9.20, a crafted login.php viewer parameter exposes cleartext credentials.
Moderate
Unreviewed
CVE-2020-12273
was published
May 24, 2022
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (with TEEGRIS) software...
Moderate
Unreviewed
CVE-2020-12752
was published
May 24, 2022
An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. A cfm UDP service listening on...
Moderate
Unreviewed
CVE-2020-9275
was published
May 24, 2022
An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. It includes the...
Moderate
Unreviewed
CVE-2020-11557
was published
May 24, 2022
In JetBrains PyCharm 2019.2.5 and 2019.3 on Windows, Apple Notarization Service credentials were...
Moderate
Unreviewed
CVE-2020-11694
was published
May 24, 2022
Teradici PCoIP Management Console 20.01.0 and 19.11.1 is vulnerable to unauthenticated password...
Moderate
Unreviewed
CVE-2020-10965
was published
May 24, 2022
An issue was discovered in includes/head.inc.php in rConfig before 3.9.4. An unauthenticated...
Moderate
Unreviewed
CVE-2020-9425
was published
May 24, 2022
ARRIS TG1692A devices allow remote attackers to discover the administrator login name and...
Moderate
Unreviewed
CVE-2020-9476
was published
May 24, 2022
If a user saved passwords before Thunderbird 60 and then later set a master password, an...
Moderate
Unreviewed
CVE-2020-6794
was published
May 24, 2022
An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480...
Moderate
Unreviewed
CVE-2019-9095
was published
May 24, 2022
In GolfBuddy Course Manager 1.1, passwords are sent (with base64 encoding) via a GET request.
Moderate
Unreviewed
CVE-2020-9337
was published
May 24, 2022
Comba AP2600-I devices through A02,0202N00PD2 are prone to password disclosure via an insecure...
Moderate
Unreviewed
CVE-2019-15653
was published
May 24, 2022
Certain Xerox WorkCentre printers before 073.xxx.000.02300 do not require the user to reenter or...
Moderate
Unreviewed
CVE-2020-9330
was published
May 24, 2022
An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480...
Moderate
Unreviewed
CVE-2019-9104
was published
May 24, 2022
The issue was addressed with improved UI handling. This issue is fixed in iOS 13.3.1 and iPadOS...
Moderate
Unreviewed
CVE-2020-3841
was published
May 24, 2022
The Voatz application 2020-01-01 for Android allows only 100 million different PINs, which makes...
Moderate
Unreviewed
CVE-2020-8988
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API