Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,856
Erlang
36
GitHub Actions
36
Go
2,488
Maven
5,000+
npm
4,104
NuGet
735
pip
3,923
Pub
12
RubyGems
945
Rust
1,017
Swift
39
Unreviewed advisories
All unreviewed
5,000+

170 advisories

Loading
** UNSUPPORTED WHEN ASSIGNED ** The firmware of the PLANET Technology Corp NVR-915 and NVR-1615... Critical Unreviewed
CVE-2020-26097 was published May 24, 2022
Airleader Master <= 6.21 devices have default credentials that can be used to access the exposed... Critical Unreviewed
CVE-2020-26510 was published May 24, 2022
The WebTools component on Canon Oce ColorWave 3500 5.1.1.0 devices allows attackers to retrieve... Critical Unreviewed
CVE-2020-26508 was published May 24, 2022
In cPanel before 88.0.3, insecure chkservd test credentials are used on a templated VM (SEC-554). Critical Unreviewed
CVE-2020-26105 was published May 24, 2022
In cPanel before 88.0.3, insecure RNDC credentials are used for BIND on a templated VM (SEC-549). Critical Unreviewed
CVE-2020-26101 was published May 24, 2022
Mida eFramework through 2.9.0 has a back door that permits a change of the administrative... Critical Unreviewed
CVE-2020-15921 was published May 24, 2022
All versions up to V4.01.01.02 of ZTE ZXCLOUD GoldenData VAP product have encryption problems... Critical Unreviewed
CVE-2019-3431 was published May 24, 2022
An issue was discovered on Mitsubishi Electric ME-RTU devices through 2.02 and INEA ME-RTU... Critical Unreviewed
CVE-2019-14929 was published May 24, 2022
The Customer's Tomedo Server in Version 1.7.3 communicates to the Vendor Tomedo Server via HTTP ... Critical Unreviewed
CVE-2019-17393 was published May 24, 2022
ONTAP Select Deploy administration utility versions 2.2 through 2.12.1 transmit credentials in... Critical Unreviewed
CVE-2019-5505 was published May 24, 2022
A Credentials Management CWE-255 vulnerability exists in the APC UPS Network Management Card 2... Critical Unreviewed
CVE-2018-7820 was published May 24, 2022
The HTTP client in the Build tool in Gradle before 5.6 sends authentication credentials... Critical Unreviewed
CVE-2019-15052 was published May 24, 2022
Dynacolor FCM-MB40 v1.2.0.0 use /etc/appWeb/appweb.pass to store administrative web-interface... Critical Unreviewed
CVE-2019-13400 was published May 24, 2022
A security regression of CVE-2019-9636 was discovered in python since commit... Critical Unreviewed
CVE-2019-10160 was published May 24, 2022
LemonLDAP::NG -2.0.3 has Incorrect Access Control. Critical Unreviewed
CVE-2019-12046 was published May 24, 2022
In Gradle Enterprise before 2018.5.3, Build Cache Nodes did not store the credentials at rest in... Critical Unreviewed
CVE-2019-11402 was published May 24, 2022
CloudBees Jenkins Operations Center 2.150.2.3, when an expired trial license exists, allows... Critical Unreviewed
CVE-2019-11350 was published May 24, 2022
Account takeover in facturascripts Critical
CVE-2022-1715 was published for facturascripts/facturascripts (Composer) May 14, 2022
SiCKRAGE Discloses Plaintext Credentials Critical
CVE-2018-9160 was published for sickrage (pip) May 13, 2022
The login interface on TNLSoftSolutions Sentry Vision 3.x devices provides password disclosure by... Critical Unreviewed
CVE-2018-9031 was published May 13, 2022
Technicolor CGA0111 CGA0111E-ES-13-E23E-c8000r5712-170217-0829-TRU devices allow remote attackers... Critical Unreviewed
CVE-2018-20444 was published May 13, 2022
Technicolor DPC3928SL D3928SL-PSIP-13-A010-c3420r55105-170214a devices allow remote attackers to... Critical Unreviewed
CVE-2018-20439 was published May 13, 2022
Technicolor TC7110.B STC8.62.02 devices allow remote attackers to discover Wi-Fi credentials via... Critical Unreviewed
CVE-2018-20442 was published May 13, 2022
Technicolor TC7200.d1I TC7200.d1IE-N23E-c7000r5712-170406-HAT devices allow remote attackers to... Critical Unreviewed
CVE-2018-20443 was published May 13, 2022
Technicolor TC7110.AR STD3.38.03 devices allow remote attackers to discover Wi-Fi credentials via... Critical Unreviewed
CVE-2018-20438 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database