Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

144 advisories

Loading
Unrestricted access to the log downloader functionality in EPSON EPS TSE Server 8 (21.0.11)... Critical Unreviewed
CVE-2020-28929 was published May 24, 2022
GE Healthcare Imaging and Ultrasound Products may allow specific credentials to be exposed during... Critical Unreviewed
CVE-2020-25175 was published May 24, 2022
An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P,... Critical Unreviewed
CVE-2020-29058 was published May 24, 2022
An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P,... Critical Unreviewed
CVE-2020-29054 was published May 24, 2022
Use of default credentials for the telnet server in BASETech GE-131 BT-1837836 firmware 20180921... Critical Unreviewed
CVE-2020-27555 was published May 24, 2022
** UNSUPPORTED WHEN ASSIGNED ** The firmware of the PLANET Technology Corp NVR-915 and NVR-1615... Critical Unreviewed
CVE-2020-26097 was published May 24, 2022
Airleader Master <= 6.21 devices have default credentials that can be used to access the exposed... Critical Unreviewed
CVE-2020-26510 was published May 24, 2022
The WebTools component on Canon Oce ColorWave 3500 5.1.1.0 devices allows attackers to retrieve... Critical Unreviewed
CVE-2020-26508 was published May 24, 2022
In cPanel before 88.0.3, insecure chkservd test credentials are used on a templated VM (SEC-554). Critical Unreviewed
CVE-2020-26105 was published May 24, 2022
In cPanel before 88.0.3, insecure RNDC credentials are used for BIND on a templated VM (SEC-549). Critical Unreviewed
CVE-2020-26101 was published May 24, 2022
Mida eFramework through 2.9.0 has a back door that permits a change of the administrative... Critical Unreviewed
CVE-2020-15921 was published May 24, 2022
All versions up to V4.01.01.02 of ZTE ZXCLOUD GoldenData VAP product have encryption problems... Critical Unreviewed
CVE-2019-3431 was published May 24, 2022
An issue was discovered on Mitsubishi Electric ME-RTU devices through 2.02 and INEA ME-RTU... Critical Unreviewed
CVE-2019-14929 was published May 24, 2022
The Customer's Tomedo Server in Version 1.7.3 communicates to the Vendor Tomedo Server via HTTP ... Critical Unreviewed
CVE-2019-17393 was published May 24, 2022
ONTAP Select Deploy administration utility versions 2.2 through 2.12.1 transmit credentials in... Critical Unreviewed
CVE-2019-5505 was published May 24, 2022
A Credentials Management CWE-255 vulnerability exists in the APC UPS Network Management Card 2... Critical Unreviewed
CVE-2018-7820 was published May 24, 2022
The HTTP client in the Build tool in Gradle before 5.6 sends authentication credentials... Critical Unreviewed
CVE-2019-15052 was published May 24, 2022
Dynacolor FCM-MB40 v1.2.0.0 use /etc/appWeb/appweb.pass to store administrative web-interface... Critical Unreviewed
CVE-2019-13400 was published May 24, 2022
A security regression of CVE-2019-9636 was discovered in python since commit... Critical Unreviewed
CVE-2019-10160 was published May 24, 2022
LemonLDAP::NG -2.0.3 has Incorrect Access Control. Critical Unreviewed
CVE-2019-12046 was published May 24, 2022
In Gradle Enterprise before 2018.5.3, Build Cache Nodes did not store the credentials at rest in... Critical Unreviewed
CVE-2019-11402 was published May 24, 2022
CloudBees Jenkins Operations Center 2.150.2.3, when an expired trial license exists, allows... Critical Unreviewed
CVE-2019-11350 was published May 24, 2022
The login interface on TNLSoftSolutions Sentry Vision 3.x devices provides password disclosure by... Critical Unreviewed
CVE-2018-9031 was published May 13, 2022
Technicolor CGA0111 CGA0111E-ES-13-E23E-c8000r5712-170217-0829-TRU devices allow remote attackers... Critical Unreviewed
CVE-2018-20444 was published May 13, 2022
Technicolor TC7110.B STC8.62.02 devices allow remote attackers to discover Wi-Fi credentials via... Critical Unreviewed
CVE-2018-20442 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database