GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
144 advisories
Filter by severity
Unrestricted access to the log downloader functionality in EPSON EPS TSE Server 8 (21.0.11)...
Critical
Unreviewed
CVE-2020-28929
was published
May 24, 2022
GE Healthcare Imaging and Ultrasound Products may allow specific credentials to be exposed during...
Critical
Unreviewed
CVE-2020-25175
was published
May 24, 2022
An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P,...
Critical
Unreviewed
CVE-2020-29058
was published
May 24, 2022
An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P,...
Critical
Unreviewed
CVE-2020-29054
was published
May 24, 2022
Use of default credentials for the telnet server in BASETech GE-131 BT-1837836 firmware 20180921...
Critical
Unreviewed
CVE-2020-27555
was published
May 24, 2022
** UNSUPPORTED WHEN ASSIGNED ** The firmware of the PLANET Technology Corp NVR-915 and NVR-1615...
Critical
Unreviewed
CVE-2020-26097
was published
May 24, 2022
Airleader Master <= 6.21 devices have default credentials that can be used to access the exposed...
Critical
Unreviewed
CVE-2020-26510
was published
May 24, 2022
The WebTools component on Canon Oce ColorWave 3500 5.1.1.0 devices allows attackers to retrieve...
Critical
Unreviewed
CVE-2020-26508
was published
May 24, 2022
In cPanel before 88.0.3, insecure chkservd test credentials are used on a templated VM (SEC-554).
Critical
Unreviewed
CVE-2020-26105
was published
May 24, 2022
In cPanel before 88.0.3, insecure RNDC credentials are used for BIND on a templated VM (SEC-549).
Critical
Unreviewed
CVE-2020-26101
was published
May 24, 2022
Mida eFramework through 2.9.0 has a back door that permits a change of the administrative...
Critical
Unreviewed
CVE-2020-15921
was published
May 24, 2022
All versions up to V4.01.01.02 of ZTE ZXCLOUD GoldenData VAP product have encryption problems...
Critical
Unreviewed
CVE-2019-3431
was published
May 24, 2022
An issue was discovered on Mitsubishi Electric ME-RTU devices through 2.02 and INEA ME-RTU...
Critical
Unreviewed
CVE-2019-14929
was published
May 24, 2022
The Customer's Tomedo Server in Version 1.7.3 communicates to the Vendor Tomedo Server via HTTP ...
Critical
Unreviewed
CVE-2019-17393
was published
May 24, 2022
ONTAP Select Deploy administration utility versions 2.2 through 2.12.1 transmit credentials in...
Critical
Unreviewed
CVE-2019-5505
was published
May 24, 2022
A Credentials Management CWE-255 vulnerability exists in the APC UPS Network Management Card 2...
Critical
Unreviewed
CVE-2018-7820
was published
May 24, 2022
The HTTP client in the Build tool in Gradle before 5.6 sends authentication credentials...
Critical
Unreviewed
CVE-2019-15052
was published
May 24, 2022
Dynacolor FCM-MB40 v1.2.0.0 use /etc/appWeb/appweb.pass to store administrative web-interface...
Critical
Unreviewed
CVE-2019-13400
was published
May 24, 2022
A security regression of CVE-2019-9636 was discovered in python since commit...
Critical
Unreviewed
CVE-2019-10160
was published
May 24, 2022
LemonLDAP::NG -2.0.3 has Incorrect Access Control.
Critical
Unreviewed
CVE-2019-12046
was published
May 24, 2022
In Gradle Enterprise before 2018.5.3, Build Cache Nodes did not store the credentials at rest in...
Critical
Unreviewed
CVE-2019-11402
was published
May 24, 2022
CloudBees Jenkins Operations Center 2.150.2.3, when an expired trial license exists, allows...
Critical
Unreviewed
CVE-2019-11350
was published
May 24, 2022
The login interface on TNLSoftSolutions Sentry Vision 3.x devices provides password disclosure by...
Critical
Unreviewed
CVE-2018-9031
was published
May 13, 2022
Technicolor CGA0111 CGA0111E-ES-13-E23E-c8000r5712-170217-0829-TRU devices allow remote attackers...
Critical
Unreviewed
CVE-2018-20444
was published
May 13, 2022
Technicolor TC7110.B STC8.62.02 devices allow remote attackers to discover Wi-Fi credentials via...
Critical
Unreviewed
CVE-2018-20442
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API