Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

448 advisories

Loading
BMC Control-M/Agent 7.0.00.000 has Insecure Password Storage. Moderate Unreviewed
CVE-2019-19218 was published May 24, 2022
IBM Security Identity Governance and Intelligence 5.2.6 could allow an attacker to enumerate... Moderate Unreviewed
CVE-2020-4232 was published May 24, 2022
An issue was discovered in Aviatrix Controller before 5.4.1204. It contains credentials unused by... Moderate Unreviewed
CVE-2020-13414 was published May 24, 2022
Zoho ManageEngine Service Plus before 11.1 build 11112 allows low-privilege authenticated users... Moderate Unreviewed
CVE-2020-13154 was published May 24, 2022
An issue was discovered in all versions of Bond JetSelect. Within the JetSelect Application, the... Moderate Unreviewed
CVE-2019-13023 was published May 24, 2022
An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices, affecting /cgi-bin... Moderate Unreviewed
CVE-2020-10973 was published May 24, 2022
An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices. A page is exposed... Moderate Unreviewed
CVE-2020-10972 was published May 24, 2022
Blaauw Remote Kiln Control through v3.00r4 allows an unauthenticated attacker to access MySQL... Moderate Unreviewed
CVE-2019-18868 was published May 24, 2022
The administrative passwords for all versions of Bond JetSelect are stored within an unprotected... Moderate Unreviewed
CVE-2019-13021 was published May 24, 2022
In TestLink 1.9.20, a crafted login.php viewer parameter exposes cleartext credentials. Moderate Unreviewed
CVE-2020-12273 was published May 24, 2022
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (with TEEGRIS) software... Moderate Unreviewed
CVE-2020-12752 was published May 24, 2022
An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. A cfm UDP service listening on... Moderate Unreviewed
CVE-2020-9275 was published May 24, 2022
An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. It includes the... Moderate Unreviewed
CVE-2020-11557 was published May 24, 2022
In JetBrains PyCharm 2019.2.5 and 2019.3 on Windows, Apple Notarization Service credentials were... Moderate Unreviewed
CVE-2020-11694 was published May 24, 2022
Teradici PCoIP Management Console 20.01.0 and 19.11.1 is vulnerable to unauthenticated password... Moderate Unreviewed
CVE-2020-10965 was published May 24, 2022
An issue was discovered in includes/head.inc.php in rConfig before 3.9.4. An unauthenticated... Moderate Unreviewed
CVE-2020-9425 was published May 24, 2022
ARRIS TG1692A devices allow remote attackers to discover the administrator login name and... Moderate Unreviewed
CVE-2020-9476 was published May 24, 2022
If a user saved passwords before Thunderbird 60 and then later set a master password, an... Moderate Unreviewed
CVE-2020-6794 was published May 24, 2022
An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480... Moderate Unreviewed
CVE-2019-9095 was published May 24, 2022
In GolfBuddy Course Manager 1.1, passwords are sent (with base64 encoding) via a GET request. Moderate Unreviewed
CVE-2020-9337 was published May 24, 2022
Comba AP2600-I devices through A02,0202N00PD2 are prone to password disclosure via an insecure... Moderate Unreviewed
CVE-2019-15653 was published May 24, 2022
Certain Xerox WorkCentre printers before 073.xxx.000.02300 do not require the user to reenter or... Moderate Unreviewed
CVE-2020-9330 was published May 24, 2022
An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480... Moderate Unreviewed
CVE-2019-9104 was published May 24, 2022
The issue was addressed with improved UI handling. This issue is fixed in iOS 13.3.1 and iPadOS... Moderate Unreviewed
CVE-2020-3841 was published May 24, 2022
The Voatz application 2020-01-01 for Android allows only 100 million different PINs, which makes... Moderate Unreviewed
CVE-2020-8988 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database