GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
162 advisories
ECOA BAS controller’s special page displays user account and passwords in plain text, thus...
Critical, Unreviewed. CVE-2021-41300 was published May 24, 2022

Dell EMC Integrated System for Microsoft Azure Stack Hub, versions 1906 – 2011, contain an...
Critical, Unreviewed. CVE-2021-21505 was published May 24, 2022

The sensitive information of webcam device is not properly protected. Remote attackers can...
Critical, Unreviewed. CVE-2021-30168 was published May 24, 2022

A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the...
Critical, Unreviewed. CVE-2019-1384 was published May 24, 2022

Airangel HSMX Gateway devices through 5.2.04 have Weak SSH Credentials.
Critical, Unreviewed. CVE-2021-40520 was published May 24, 2022

Insufficiently Protected Credentials vulnerability in Mitsubishi Electric MELSEC iQ-R series CPU...
Critical, Unreviewed. CVE-2021-20597 was published May 24, 2022

Kaseya VSA before 9.5.7 allows credential disclosure, as exploited in the wild in July 2021.
Critical, Unreviewed. CVE-2021-30116 was published May 24, 2022

Insufficiently Protected Credentials vulnerability exists in homeLYnk (Wiser For KNX) and...
Critical, Unreviewed. CVE-2021-22737 was published May 24, 2022

An issue was discovered in Nitrokey FIDO U2F firmware through 1.1. Communication between the...
Critical, Unreviewed. CVE-2020-12061 was published May 24, 2022

Hirschmann HiOS 07.1.01, 07.1.02, and 08.1.00 through 08.5.xx and HiSecOS 03.3.00 through 03.5.01...
Critical, Unreviewed. CVE-2021-27734 was published May 24, 2022

AVE DOMINAplus <=1.10.x suffers from clear-text credentials disclosure vulnerability that allows...
Critical, Unreviewed. CVE-2020-21994 was published May 24, 2022

Realtek xPON RTL9601D SDK 1.9 stores passwords in plaintext which may allow attackers to possibly...
Critical, Unreviewed. CVE-2021-27372 was published May 24, 2022

Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions...
Critical, Unreviewed. CVE-2021-22681 was published May 24, 2022

An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.0.8-std devices. A format error in ...
Critical, Unreviewed. CVE-2020-13859 was published May 24, 2022

HGiga MailSherlock contains weak authentication flaw that attackers grant privilege remotely with...
Critical, Unreviewed. CVE-2020-25848 was published May 24, 2022

A password-disclosure issue in the web interface on certain TP-Link devices allows a remote...
Critical, Unreviewed. CVE-2020-35575 was published May 24, 2022

A sensitive information disclosure vulnerability in Kyland KPS2204 6 Port Managed Din-Rail...
Critical, Unreviewed. CVE-2020-25011 was published May 24, 2022

Unrestricted access to the log downloader functionality in EPSON EPS TSE Server 8 (21.0.11)...
Critical, Unreviewed. CVE-2020-28929 was published May 24, 2022

GE Healthcare Imaging and Ultrasound Products may allow specific credentials to be exposed during...
Critical, Unreviewed. CVE-2020-25175 was published May 24, 2022

An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P,...
Critical, Unreviewed. CVE-2020-29058 was published May 24, 2022

An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P,...
Critical, Unreviewed. CVE-2020-29054 was published May 24, 2022

Use of default credentials for the telnet server in BASETech GE-131 BT-1837836 firmware 20180921...
Critical, Unreviewed. CVE-2020-27555 was published May 24, 2022

** UNSUPPORTED WHEN ASSIGNED ** The firmware of the PLANET Technology Corp NVR-915 and NVR-1615...
Critical, Unreviewed. CVE-2020-26097 was published May 24, 2022

Airleader Master <= 6.21 devices have default credentials that can be used to access the exposed...
Critical, Unreviewed. CVE-2020-26510 was published May 24, 2022

The WebTools component on Canon Oce ColorWave 3500 5.1.1.0 devices allows attackers to retrieve...
Critical, Unreviewed. CVE-2020-26508 was published May 24, 2022