Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,296
Erlang
31
GitHub Actions
21
Go
2,063
Maven
5,000+
npm
3,744
NuGet
668
pip
3,424
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

333 advisories

Loading
A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR... Critical Unreviewed
CVE-2019-18339 was published May 24, 2022
SAP Solution Manager (Diagnostics Agent), version 720, allows unencrypted connections from... Critical Unreviewed
CVE-2020-6198 was published May 24, 2022
SAP Solution Manager (User Experience Monitoring), version- 7.2, due to Missing Authentication... Critical Unreviewed
CVE-2020-6207 was published May 24, 2022
SaltStack Salt Unauthenticated Remote Code Execution Critical
CVE-2020-11651 was published for salt (pip) May 24, 2022
The ClearPass Policy Manager web interface is affected by a vulnerability that leads to... Critical Unreviewed
CVE-2020-7115 was published May 24, 2022
DevSpace vulnerable to remote code execution Critical
CVE-2020-15391 was published for github.com/loft-sh/devspace (Go) May 24, 2022
It is possible to enumerate access card credentials via an unauthenticated network connection to... Critical Unreviewed
CVE-2020-16098 was published May 24, 2022
Lack of access control in Nakivo Backup & Replication Transporter version 9.4.0.r43656 allows... Critical Unreviewed
CVE-2020-15851 was published May 24, 2022
Improper Authentication vulnerability in WAGO 750-8XX series with FW version <= FW07 allows an... Critical Unreviewed
CVE-2020-12505 was published May 24, 2022
Improper Authentication vulnerability in WAGO 750-8XX series with FW version <= FW03 allows an... Critical Unreviewed
CVE-2020-12506 was published May 24, 2022
An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders... Critical Unreviewed
CVE-2020-24217 was published May 24, 2022
Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT... Critical Unreviewed
CVE-2020-12500 was published May 24, 2022
A vulnerability in the REST API of Cisco IoT Field Network Director (FND) could allow an... Critical Unreviewed
CVE-2020-3531 was published May 24, 2022
A CWE-284: Improper Access Control vulnerability exists in Easergy T300 (with firmware 2.7 and... Critical Unreviewed
CVE-2020-7561 was published May 24, 2022
The official Crux Linux Docker images 3.0 through 3.4 contain a blank password for a root user.... Critical Unreviewed
CVE-2020-29389 was published May 24, 2022
A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on... Critical Unreviewed
CVE-2020-7540 was published May 24, 2022
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3).... Critical Unreviewed
CVE-2020-25228 was published May 24, 2022
Version 1.3.0 of the Weave Cloud Agent Docker image contains a blank password for the root user.... Critical Unreviewed
CVE-2020-35464 was published May 24, 2022
The official sonarqube docker images before alpine (Alpine specific) contain a blank password for... Critical Unreviewed
CVE-2020-35193 was published May 24, 2022
Version 3.16.0 of the CoScale agent Docker image contains a blank password for the root user.... Critical Unreviewed
CVE-2020-35462 was published May 24, 2022
The Blackfire Docker image through 2020-12-14 contains a blank password for the root user.... Critical Unreviewed
CVE-2020-35466 was published May 24, 2022
The FullArmor HAPI File Share Mount Docker image through 2020-12-14 contains a blank password for... Critical Unreviewed
CVE-2020-35465 was published May 24, 2022
The Software AG Terracotta Server OSS Docker image 5.4.1 contains a blank password for the root... Critical Unreviewed
CVE-2020-35469 was published May 24, 2022
The Docker Docs Docker image through 2020-12-14 contains a blank password for the root user.... Critical Unreviewed
CVE-2020-35467 was published May 24, 2022
Version 1.0.0 of the Instana Dynamic APM Docker image contains a blank password for the root user... Critical Unreviewed
CVE-2020-35463 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database